qqel.cesajiol.com Open in urlscan Pro
2606:4700:3036::6815:190f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qqel.cesajiol.com/
Effective URL:
https://qqel.cesajiol.com/
Submission: On March 01 via api (March 1st 2023, 7:31:44 am UTC) from US — Scanned from US

Summary HTTP 160 Redirects Links 67 Behaviour Indicators

Summary

This website contacted 48 IPs in 5 countries across 44 domains to perform 160 HTTP transactions. The main IP is 2606:4700:3036::6815:190f, located in United States and belongs to CLOUDFLARENET, US. The main domain is qqel.cesajiol.com.
TLS certificate: Issued by GTS CA 1P5 on February 17th 2023. Valid for: 3 months.

This is the only time qqel.cesajiol.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:dd90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:190f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 ^_^) (CDN77 ^_^)
10	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
9	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	75.2.45.24 75.2.45.24	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
3	143.204.144.76 143.204.144.76	16509 (AMAZON-02) (AMAZON-02)
3	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1 3	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	108.138.105.32 108.138.105.32	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
3	2602:803:c002... 2602:803:c002:200::52	26667 (RUBICONPR...) (RUBICONPROJECT)
4	8.2.110.31 8.2.110.31	46636 (NATCOWEB) (NATCOWEB)
2	2600:141b:13:... 2600:141b:13:785::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	23.66.193.23 23.66.193.23	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
2	108.138.128.34 108.138.128.34	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1 8	185.15.245.82 185.15.245.82	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
9	8.2.110.24 8.2.110.24	46636 (NATCOWEB) (NATCOWEB)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.21.186.137 52.21.186.137	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4006:806::200a	15169 (GOOGLE) (GOOGLE)
5 5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:d5b4:f192:17b5:1772	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	192.35.249.138 192.35.249.138	11742 (SPOTX-IAD) (SPOTX-IAD)
3 3	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1 1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	23.3.115.102 23.3.115.102	16625 (AKAMAI-AS) (AKAMAI-AS)
5 8	168.119.149.178 168.119.149.178	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	80.77.87.162 80.77.87.162	46636 (NATCOWEB) (NATCOWEB)
1	3.213.224.199 3.213.224.199	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.98.26.246 172.98.26.246	399668 (E-PLANNING-) (E-PLANNING-)
2 2	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	199.187.193.182 199.187.193.182	47043 (SMARTADSE...) (SMARTADSERVER)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2006	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
9	185.15.245.80 185.15.245.80	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
2 2	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
1 1	173.223.56.249 173.223.56.249	16625 (AKAMAI-AS) (AKAMAI-AS)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	54.83.15.219 54.83.15.219	14618 (AMAZON-AES) (AMAZON-AES)
1 2	199.187.193.181 199.187.193.181	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	18.207.57.90 18.207.57.90	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.232.64.79 3.232.64.79	14618 (AMAZON-AES) (AMAZON-AES)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
2 2	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
9	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
160	48

1 2606:4700:3034::ac43:dd90 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qqel.cesajiol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:190f (United States)

ASN13335 (CLOUDFLARENET, US)

qqel.cesajiol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

cdn.tudoreceitas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

cdn0.tudoreceitas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.45.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad522a66075307272.awsglobalaccelerator.com

www.tudoreceitas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.144.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-144-76.ewr52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.105.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-105-32.jfk50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c002:200::52 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.2.110.31 (United States)

ASN46636 (NATCOWEB, US)

pub.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13:785::1931 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.66.193.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-193-23.deploy.static.akamaitechnologies.com

cdn-statics.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

94b4842e4bdfc3a6e55653ffd0d35471.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dfe7a8bdbf231c74b7b0adf2c69de1a7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.15.245.82 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)

sync.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.186.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-186-137.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:806::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.249 (Frederick, United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:d5b4:f192:17b5:1772 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.186 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.138 (Ashburn, United States) 1 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.82 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.84 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.3.115.102 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-115-102.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 168.119.149.178 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.162 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.224.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-224-199.compute-1.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.98.26.246 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.182 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.182 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:809::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80d::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.15.245.80 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

api.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.56.249 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-249.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.15.219 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-15-219.compute-1.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.181 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.207.57.90 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-57-90.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.232.64.79 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-64-79.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.33.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	tudoreceitas.com cdn.tudoreceitas.com cdn0.tudoreceitas.com www.tudoreceitas.com — Cisco Umbrella Rank: 474263	549 KB
21	googlesyndication.com 94b4842e4bdfc3a6e55653ffd0d35471.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 dfe7a8bdbf231c74b7b0adf2c69de1a7.safeframe.googlesyndication.com	108 KB
17	theadex.com 1 redirects dmp.theadex.com — Cisco Umbrella Rank: 21019 api.theadex.com — Cisco Umbrella Rank: 18814	20 KB
16	admanmedia.com 1 redirects pub.admanmedia.com — Cisco Umbrella Rank: 33503 cdn-statics.admanmedia.com — Cisco Umbrella Rank: 148808 sync.admanmedia.com — Cisco Umbrella Rank: 8131 cs.admanmedia.com — Cisco Umbrella Rank: 972	68 KB
15	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 pubads.g.doubleclick.net — Cisco Umbrella Rank: 441	341 KB
8	richaudience.com 5 redirects sync.richaudience.com — Cisco Umbrella Rank: 1872 s.richaudience.com Failed	2 KB
6	pubmatic.com 6 redirects image8.pubmatic.com — Cisco Umbrella Rank: 623 image2.pubmatic.com — Cisco Umbrella Rank: 846 image4.pubmatic.com — Cisco Umbrella Rank: 938 image6.pubmatic.com — Cisco Umbrella Rank: 725	2 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	3 KB
6	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 450 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 844 eus.rubiconproject.com — Cisco Umbrella Rank: 533 token.rubiconproject.com — Cisco Umbrella Rank: 541	3 KB
6	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 878 trc.taboola.com — Cisco Umbrella Rank: 669 trc-events.taboola.com — Cisco Umbrella Rank: 1831	197 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
5	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 296	3 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 378 bidder.criteo.com — Cisco Umbrella Rank: 714 mug.criteo.com — Cisco Umbrella Rank: 2719	8 KB
4	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 377 ib.adnxs.com — Cisco Umbrella Rank: 203	4 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 442 fonts.googleapis.com — Cisco Umbrella Rank: 36	567 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1183 bcp.crwdcntrl.net — Cisco Umbrella Rank: 858	21 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 282 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 476	50 KB
3	smartadserver.com 2 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 782 sync.smartadserver.com — Cisco Umbrella Rank: 1273	1 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439 cms.analytics.yahoo.com — Cisco Umbrella Rank: 848 ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	2 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 459 pixel.mathtag.com — Cisco Umbrella Rank: 991	2 KB
3	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 1775 pixel.tapad.com — Cisco Umbrella Rank: 424	3 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2661 log.pinterest.com — Cisco Umbrella Rank: 3821	19 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	59 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 591	701 B
2	id5-sync.com 2 redirects id5-sync.com — Cisco Umbrella Rank: 404	3 KB
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1027	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	942 B
2	gstatic.com fonts.gstatic.com csi.gstatic.com Failed	31 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 361	893 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 342	842 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 709	893 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
2	cesajiol.com 1 redirects qqel.cesajiol.com	12 KB
1	creative-serving.com 1 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3915	469 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	17 KB
1	e-planning.net sync.e-planning.net — Cisco Umbrella Rank: 6569	104 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 708	636 B
1	gumgum.com usersync.gumgum.com — Cisco Umbrella Rank: 1749	250 B
1	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 2625	667 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1261	661 B
1	pghub.io pghub.io — Cisco Umbrella Rank: 1704	5 KB
0	fantoly.com Failed fantoly.com Failed
160	44

	Domain	Requested by
17	cdn.tudoreceitas.com	qqel.cesajiol.com cdn.tudoreceitas.com
10	tpc.googlesyndication.com	qqel.cesajiol.com securepubads.g.doubleclick.net tpc.googlesyndication.com
10	securepubads.g.doubleclick.net	qqel.cesajiol.com securepubads.g.doubleclick.net cdn-statics.admanmedia.com
9	pagead2.googlesyndication.com	qqel.cesajiol.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	api.theadex.com	dmp.theadex.com api.theadex.com
9	sync.admanmedia.com	cdn-statics.admanmedia.com sync.admanmedia.com
9	cdn0.tudoreceitas.com	qqel.cesajiol.com
8	sync.richaudience.com	5 redirects sync.admanmedia.com
8	dmp.theadex.com	1 redirects cdn-statics.admanmedia.com qqel.cesajiol.com api.theadex.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	match.adsrvr.org	5 redirects
4	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
4	pub.admanmedia.com	cdn.tudoreceitas.com qqel.cesajiol.com cdn-statics.admanmedia.com
3	cm.g.doubleclick.net	3 redirects
3	image8.pubmatic.com	3 redirects
3	x.bidswitch.net	3 redirects
3	imasdk.googleapis.com	cdn-statics.admanmedia.com imasdk.googleapis.com
3	trc-events.taboola.com	qqel.cesajiol.com
3	fastlane.rubiconproject.com	cdn.tudoreceitas.com
3	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net
3	c.amazon-adsystem.com	qqel.cesajiol.com c.amazon-adsystem.com
2	www.google.com	tpc.googlesyndication.com
2	static.criteo.net	cdn.tudoreceitas.com static.criteo.net
2	sync-tm.everesttech.net	2 redirects
2	id5-sync.com	2 redirects
2	ps.eyeota.net	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.smartadserver.com	1 redirects api.theadex.com
2	c1.adform.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	ib.adnxs.com	2 redirects
2	px.ads.linkedin.com	1 redirects sync.admanmedia.com
2	idsync.rlcdn.com	2 redirects
2	sync.search.spotxchange.com	1 redirects sync.admanmedia.com
2	secure.adnxs.com	2 redirects
2	sync.mathtag.com	2 redirects
2	pixel.tapad.com	pandg.tapad.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	tags.crwdcntrl.net	cdn-statics.admanmedia.com sync.admanmedia.com
2	cdn-statics.admanmedia.com	pub.admanmedia.com cdn-statics.admanmedia.com
2	assets.pinterest.com	cdn.tudoreceitas.com assets.pinterest.com
2	cdn.taboola.com	qqel.cesajiol.com cdn.taboola.com
2	www.google-analytics.com	qqel.cesajiol.com www.google-analytics.com
2	qqel.cesajiol.com	1 redirects
1	mug.criteo.com
1	dfe7a8bdbf231c74b7b0adf2c69de1a7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	ads.creative-serving.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	token.rubiconproject.com	api.theadex.com
1	pixel.mathtag.com	1 redirects
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	log.pinterest.com	qqel.cesajiol.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	s0.2mdn.net	imasdk.googleapis.com
1	ssbsync.smartadserver.com	1 redirects
1	sync.e-planning.net	sync.admanmedia.com
1	pippio.com	1 redirects
1	usersync.gumgum.com	sync.admanmedia.com
1	cs.admanmedia.com	1 redirects
1	spl.zeotap.com	1 redirects
1	eus.rubiconproject.com	sync.admanmedia.com
1	secure-assets.rubiconproject.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	pandg.tapad.com	pghub.io
1	pghub.io	cdn-statics.admanmedia.com
1	94b4842e4bdfc3a6e55653ffd0d35471.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bidder.criteo.com	cdn.tudoreceitas.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	trc.taboola.com	cdn.taboola.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.tudoreceitas.com	qqel.cesajiol.com
0	fantoly.com Failed	qqel.cesajiol.com
0	s.richaudience.com Failed	imasdk.googleapis.com
0	csi.gstatic.com Failed	imasdk.googleapis.com
160	79

This site contains links to these domains. Also see Links.

Domain
www.tudoreceitas.com
www.facebook.com
twitter.com
wa.me
www.instagram.com
www.youtube.com
www.pinterest.com
www.linktomedia.com

Subject Issuer	Validity	Valid
*.cesajiol.com GTS CA 1P5	`2023-02-17` - `2023-05-18`	3 months	crt.sh
1885190603.rsc.cdn77.org R3	`2023-01-09` - `2023-04-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
1533073095.rsc.cdn77.org R3	`2023-01-09` - `2023-04-09`	3 months	crt.sh
tudoreceitas.com Amazon RSA 2048 M01	`2023-02-13` - `2023-10-06`	8 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2022-04-21` - `2023-05-23`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
dmp.theadex.com R3	`2023-02-23` - `2023-05-24`	3 months	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.e-planning.net R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
api.theadex.com R3	`2023-01-11` - `2023-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://qqel.cesajiol.com/
Frame ID: A81E31DEE2A007428B5B85CCB8C6EBF4
Requests: 79 HTTP requests in this frame

Frame: https://94b4842e4bdfc3a6e55653ffd0d35471.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9AC1E126DF83EE97B1E2C5DB3333FAAB
Requests: 1 HTTP requests in this frame

Frame: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Frame ID: D8EA447C5FE91CCBA0880161B88F6A0F
Requests: 19 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fqqel.cesajiol.com%2F&owner=P%26G&bp_id=adman&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
Frame ID: 1C3311FEE48DD3199404ED84CC2C9760
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.558.0_en.html
Frame ID: 1029E4AAB2A8A9A7DEA2683FE75AE9EA
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Frame ID: 1AD05A6F38686AC742DF5CEF99B72054
Requests: 15 HTTP requests in this frame

Frame: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Frame ID: A34D537E0C4265DB6E1B913BFE48C143
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.558.0_en.html
Frame ID: 6180578F1F3A81D75E7F512A5EAC9029
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 157C9E983EBF70BB2DAB616951E682D4
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05433A312563D07D2F03E71EDC7BD07E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ABC4E26EB18CC6F21F049F94B5A334C7
Requests: 2 HTTP requests in this frame

Frame: https://dfe7a8bdbf231c74b7b0adf2c69de1a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8463A91588971BA89F7141F5C0D2A259
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 29D8AEDF2E48CEFFB5CA78963D3C947D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 56C26A96B22DE8A2AE3F226736CD1972
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=qqel.cesajiol.com
Frame ID: 3381FED9CF1B67AA09418CA94AB0269C
Requests: 2 HTTP requests in this frame

Frame: https://fantoly.com/t.js?i=c874wte83omk5fbxowd0k&cb=1820401677655904132
Frame ID: 6AAF8EBF525FFB6D0BDC1FE79815B4F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Torta de Frango com milho - Super recheada!

Page URL History Show full URLs

http://qqel.cesajiol.com/ HTTP 301
https://qqel.cesajiol.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

160
Requests

76 %
HTTPS

35 %
IPv6

44
Domains

79
Subdomains

48
IPs

5
Countries

2209 kB
Transfer

6088 kB
Size

78
Cookies

67 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tudoreceitas.com/receitas-de-pao-e-bolos-16/
Title: Pão e bolos

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-sobremesas-17/
Title: Sobremesas

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-carne-10/
Title: Carne

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-aves-e-caca-11/
Title: Aves e caça

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-peixe-12/
Title: Peixe

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-frutos-do-mar-13/
Title: Frutos do mar

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-legumes-8/
Title: Legumes

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-verduras-7/
Title: Verduras

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-arroz-e-cereais-9/
Title: Arroz e cereais

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-massas-5/
Title: Massas

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-saladas-4/
Title: Saladas

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-sopas-6/
Title: Sopas

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-ovos-e-laticinios-18/
Title: Ovos e laticínios

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-aperitivos-e-petiscos-1/
Title: Aperitivos e petiscos

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-molhos-e-acompanhamentos-14/
Title: Molhos e acompanhamentos

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-coqueteis-e-bebidas-15/
Title: Coquetéis e bebidas

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-comida-de-panela-19/
Title: Comida de panela

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/conselhos-de-cozinha-6146/
Title: Conselhos de cozinha

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.tudoreceitas.com/receita-de-torta-de-frango-com-milho-11161.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?original_referer=https://www.tudoreceitas.com/receita-de-torta-de-frango-com-milho-11161.html&text=Receita%20de%20Torta%20de%20Frango%20com%20milho&url=https://www.tudoreceitas.com/receita-de-torta-de-frango-com-milho-11161.html&via=TudoReceitasCom

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Receita%20de%20Torta%20de%20Frango%20com%20milho%20-%20https://www.tudoreceitas.com/receita-de-torta-de-frango-com-milho-11161.html

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-torta-de-frango-com-milho-11161.html?print=1

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/ajax/download/id_post/11161

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-frango-1102/
Title: Frango

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-torta-de-liquidificador-de-frango-com-milho-233.html
Title: Torta de liquidificador de frango com milho

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-snack-de-frango-7772.html
Title: Receita de Snack de frango

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-crepe-de-frango-10719.html
Title: Receita de Crepe de frango

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-torta-de-frango-de-liquidificador-6395.html
Title: Torta de frango de liquidificador

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-torta-de-frango-202.html
Title: Torta de frango

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-fricasse-de-frango-com-milho-verde-9352.html
Title: Fricassê de frango com milho verde

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-frango-com-abacaxi-7748.html
Title: Frango com abacaxi

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-coelho-1103/
Title: Coelho

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-file-de-frango-6190/
Title: Filé de frango

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-asas-de-frango-5876/
Title: Asas de frango

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-almondegas-de-frango-5940/
Title: Almôndegas de frango

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-galinha-1107/
Title: Galinha

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-pato-1105/
Title: Pato

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-coxa-de-frango-assada-no-forno-com-maionese-5545.html
Title: Coxa de frango assada no forno com maionese

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-file-de-frango-na-airfryer-9018.html
Title: Filé de frango na AirFryer

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-coxa-e-sobrecoxa-de-frango-na-airfryer-9037.html
Title: Coxa e sobrecoxa de frango na AirFryer

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-creme-de-galinha-com-maizena-6778.html
Title: Creme de galinha com maizena

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-tempero-para-frango-frito-9616.html
Title: Tempero para frango frito

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-filezinho-de-frango-no-forno-8454.html
Title: Filézinho de frango no forno

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-medalhao-de-frango-com-bacon-assado-8814.html
Title: Medalhão de frango com bacon assado

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-frango-a-passarinho-na-airfryer-9235.html
Title: Frango à passarinho na AirFryer

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-sobras-de-frango-com-maionese-10192.html
Title: Sobras de frango com maionese

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-frango-desfiado-simples-4478.html
Title: Frango desfiado simples

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-fricasse-de-frango-com-creme-de-milho-e-requeijao-9255.html
Title: Fricassê de frango com creme de milho e requeijão

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-terrine-de-frango-com-presunto-9788.html
Title: Terrine de frango com presunto

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-taco-com-recheio-de-frango-5660.html
Title: Taco com recheio de frango

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-rocambole-de-frango-low-carb-10045.html
Title: Rocambole de frango low carb

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-tacos-mexicanos-de-frango-6929.html
Title: Tacos mexicanos de frango

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-panqueca-de-frango-com-requeijao-7959.html
Title: Panqueca de frango com requeijão

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/index/politicadeprivacidad
Title: política de privacidade

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/cdn-cgi/l/email-protection#c1a8afa7ae81ada8afaab5aeaca4a5a8a0efafa4b5
Title: [email protected]

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-torta-de-frango-com-milho-11161.html#top
Title: Voltar ao topo da página

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TudoReceitascom

Search URL Search Domain Scan URL

URL: https://twitter.com/TudoReceitasCom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/TudoReceitas

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Tudoreceitas?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/tudoreceitas

Search URL Search Domain Scan URL

URL: https://www.linktomedia.com/

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/quem-somos
Title: Quem somos

Search URL Search Domain Scan URL

URL: https://www.linktomedia.com/?pt#Contacto
Title: Fale conosco

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/index/terminosycondiciones
Title: Termos e Condições

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/index/politicadecookies
Title: Política de cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qqel.cesajiol.com/ HTTP 301
https://qqel.cesajiol.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b7380467-7e2e-48ab-b7c3-f87f9859a326%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness%252522%25253A%252522%252522%25252C%252522brands%252522%25253A%25255B%25255D%25252C%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b7380467-7e2e-48ab-b7c3-f87f9859a326%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness%252522%25253A%252522%252522%25252C%252522brands%252522%25253A%25255B%25255D%25252C%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ca22d85-a644-4e66-8f3f-1e0f170dc8d0&ttd_puid=b7380467-7e2e-48ab-b7c3-f87f9859a326%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D

Request Chain 70

https://sync.mathtag.com/sync/img?mt_exid=10072&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3D2040%26partner_device_id%3D%5BMM_UUID%5D%26ch%3D%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=ce7b63fe-ff59-4600-b62f-48b8ea6b5337&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&gdpr=0&gdpr_consent=

Request Chain 71

https://x.bidswitch.net/sync?ssp=adman&user_id=4c4cf780-8980-4383-84e5-1e768c58841f HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=adman&user_id=4c4cf780-8980-4383-84e5-1e768c58841f HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adman&ssp_user_id=472247f4-31d3-45db-b8c3-b585a2f84572&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-2zQ14J1E2pmKtis7W3AgfE_g_uMWRHNYuCBAmw--~A&expires=5&ssp=adman HTTP 302
https://sync.admanmedia.com/bidswitch.gif?puid=472247f4-31d3-45db-b8c3-b585a2f84572&redir=[RED]

Request Chain 72

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.admanmedia.com%2Fappnexus.gif%3Fpuid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.admanmedia.com%252Fappnexus.gif%253Fpuid%253D%2524UID HTTP 302
https://sync.admanmedia.com/appnexus.gif?puid=8721401424237650012

Request Chain 73

https://sync.mathtag.com/sync/img?mt_exid=SelfService34&redir=https%3A%2F%2Fsync.admanmedia.com%2Fmm.gif%3Fpuid%3D%5BMM_UUID%5D HTTP 302
https://sync.admanmedia.com/mm.gif?puid=797363fe-ff5a-4d00-a701-40dbf1f2bf2a

Request Chain 74

https://match.adsrvr.org/track/cmf/generic?ttd_pid=digqd7p&ttd_tpi=1&gdpr=0&gdpr_consent=[GDPR_CONSENT] HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=digqd7p&ttd_tpi=1&gdpr=0&gdpr_consent=[GDPR_CONSENT] HTTP 302
https://sync.admanmedia.com/ttd.gif?puid=f2192a5d-976a-4339-859d-84ea1a612b9e

Request Chain 75

https://sync.search.spotxchange.com/partner?adv_id=8561&uid=BUYER_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8561&uid=BUYER_USER_ID&__user_check__=1&sync_id=1a0a6ab9-b803-11ed-8c85-1a8a1b120103

Request Chain 76

https://image8.pubmatic.com/AdServer/ImgSync?p=157362&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157362%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.admanmedia.com%252Fpub.gif%253Fpuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=157362&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157362%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.admanmedia.com%252Fpub.gif%253Fpuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkZCQThBNjQtQjE1Ni00Q0ZFLUI4RTAtNTI0RTFEMkI2QTE2&gdpr=-1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkZCQThBNjQtQjE1Ni00Q0ZFLUI4RTAtNTI0RTFEMkI2QTE2&gdpr=-1&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=157362&pmc=1&pr=https%3A%2F%2Fsync.admanmedia.com%2Fpub.gif%3Fpuid%3D2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16 HTTP 302
https://sync.admanmedia.com/pub.gif?puid=2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16

Request Chain 77

https://ums.acuityplatform.com/tum?umid=134&uid=4c4cf780-8980-4383-84e5-1e768c58841f&rurl=https%3A%2F%2Fsync.admanmedia.com%2Fac.gif%3Fpuid%3D___AUID___ HTTP 302
https://sync.admanmedia.com/ac.gif?puid=749222982334

Request Chain 78

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onefortyproof&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=onefortyproof&endpoint=eu

Request Chain 79

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=sZn9xIbZzF&consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2F71da423e3fcc7c87e88ac913d505141d.gif%3Fpuid%3D[PDID] HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=%5BGDPR_CONSENT%5D&referrer=https%3A%2F%2Fsync.admanmedia.com%2F HTTP 303
https://spl.zeotap.com/?zdid=689&env=mWeb&eventType=pageview HTTP 302
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=b15827ab-63f8-413d-5196-0e757d1fa6ac&env=mWeb&eventType=pageview&id_mid_4=b15827ab-63f8-413d-5196-0e757d1fa6ac&reqId=08dba597-f2b3-4ca4-6895-4d60dd20e004&zdid=689

Request Chain 80

https://cs.admanmedia.com/sync/admanmedia?puid=4c4cf780-8980-4383-84e5-1e768c58841f&gdpr=0&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA] HTTP 302
https://usersync.gumgum.com/usersync?b=aad&i=4c4cf780-8980-4383-84e5-1e768c58841f

Request Chain 81

https://idsync.rlcdn.com/711169.gif?partner_uid=4c4cf780-8980-4383-84e5-1e768c58841f&ct=4&cv=[GDPR_CONSENT] HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CIG0KxIwCiwIARCnhAoaJDRjNGNmNzgwLTg5ODAtNDM4My04NGU1LTFlNzY4YzU4ODQxZhAAGg0I2v77nwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=b2d7606910fb597acd8498b6d05c01564351b311db950d70a22b765c9a6c5d91791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b2d7606910fb597acd8498b6d05c01564351b311db950d70a22b765c9a6c5d91791426b5417dce21&rand=04367447 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b2d7606910fb597acd8498b6d05c01564351b311db950d70a22b765c9a6c5d91791426b5417dce21&rand=04367447&expected_cookie=f6bd7c91-8181-453f-930d-13ae24dfb168

Request Chain 83

https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=[PAGE]&consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2F5adaebfbb9dfe4ba75269cf62a4503e8.gif%3Fpuid%3D[PDID] HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=[PAGE]&consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2F5adaebfbb9dfe4ba75269cf62a4503e8.gif%3Fpuid%3D[PDID]&rd=1 HTTP 303
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID HTTP 302
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=8721401424237650012

Request Chain 84

https://ssbsync.smartadserver.com/api/sync?callerId=29&redirectUri=https%3A%2F%2Fsync.admanmedia.com%2F6ee87f33c866f2a98fb8fdaca65874d4.gif%3Fpuid%3D[ssb_sync_pid]%26gdpr%3D0%26gdpr_consent%3D[GDPR_CONSENT] HTTP 302
https://sync.admanmedia.com/6ee87f33c866f2a98fb8fdaca65874d4.gif?puid=7274724299680949077&gdpr=0&gdpr_consent=[GDPR_CONSENT]

Request Chain 85

https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2Fmm.gif%3Fpuid%3D[PDID] HTTP 302
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2Fmm.gif%3Fpuid%3D[PDID]&rd=1

Request Chain 92

https://dmp.theadex.com/trace.js?adex_consent=1 HTTP 303
https://dmp.theadex.com/trace.js?adex_consent=1&axd_sc=4321118274896255212

Request Chain 114

https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D1%26axd_fuid%3D%24UID HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=1&axd_fuid=8721401424237650012

Request Chain 115

https://c1.adform.net/serving/cookie/match/?party=1010&adx_id=1609 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1010&adx_id=1609 HTTP 302
https://dmp.theadex.com/d/1609/i/2.gif?axd_pid=2&axd_fuid=5492445682907216564

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_sc&google_nid=theadex_dmp&google_cm&axd_cuid=1609&c=4321118274896255212 HTTP 302
https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESEOzXrVsHxNHWYozWBmIoB3g&google_cver=1&axd_cuid=1609&c=4321118274896255212

Request Chain 117

https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D10%26axd_fuid%3D%5BMM_UUID%5D HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=10&axd_fuid=797363fe-ff5a-4d00-a701-40dbf1f2bf2a

Request Chain 118

https://match.adsrvr.org/track/cmf/generic?ttd_pid=theadex&ttd_puid=1609&ttd_tpi=1 HTTP 302
https://dmp.theadex.com/d/cm.gif?axd_cuid=1609&axd_pid=12&axd_fuid=1ca22d85-a644-4e66-8f3f-1e0f170dc8d0

Request Chain 120

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D21%26axd_fuid%3D%23PM_USER_ID HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=21&axd_fuid=2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16

Request Chain 121

https://ads.creative-serving.com/cm?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D26%26axd_fuid%3D%24%7BUUID%7D HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=26&axd_fuid=c251008d-2395-452c-9928-5a0ac4b67532

Request Chain 122

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D59%26axd_fuid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=59&axd_fuid=[sas_uid]&cklb=1

Request Chain 123

https://dpm.demdex.net/ibs:dpid=110947&dpuuid=4321118274896255212&redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D97%26axd_fuid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=110947&dpuuid=4321118274896255212&redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D97%26axd_fuid%3D%24%7BDD_UUID%7D HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=97&axd_fuid=32340966325073532160721081448658767834

Request Chain 124

https://ps.eyeota.net/click?pid=6t2b2cv&t=gif&r=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D102%26axd_fuid%3D%7BUUID_6t2b2cv%7D HTTP 302
https://ps.eyeota.net/click/bounce/?pid=6t2b2cv&t=gif&r=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D102%26axd_fuid%3D%7BUUID_6t2b2cv%7D HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=102&axd_fuid=2_RW0hIxOkQN1LvBIwMcTqF4zFhGhpjQVFpGyfZ7ngA8

Request Chain 125

https://cms.analytics.yahoo.com/cms?partner_id=ADEX&axd_cuid=1609 HTTP 302
https://ups.analytics.yahoo.com/ups/58676/cms?partner_id=ADEX&axd_cuid=1609 HTTP 302
https://dmp.theadex.com/d/cm.gif?axd_pid=130&axd_fuid=y-BxmpuB9E2pGDntQti7iWsj2hSJy7K9123A--~A&axd_cuid=1609

Request Chain 126

https://id5-sync.com/s/159/9.gif?callback=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D280%26axd_fuid%3D%7BID5UID%7D&puid=4321118274896255212 HTTP 302
https://id5-sync.com/c/159/159/0/1.gif?puid=4321118274896255212&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=280&axd_fuid=ID5-946f8SKqhQ-SsAJ9gMNpOoHDHbjl8BRW49GQGBj5Wg

Request Chain 127

https://sync-tm.everesttech.net/upi/pid/34ZMEAI0?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D303%26axd_fuid%3D%24%7BTM_USER_ID%7D%20 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/34ZMEAI0?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D303%26axd_fuid%3D%24%7BTM_USER_ID%7D%20&_test=Y-7-WwAAATShCAAF HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=303&axd_fuid=Y-7-WwAAATShCAAF%20&_test=Y-7-WwAAATShCAAF

Request Chain 155

https://gum.criteo.com/sid/json?origin=publishertag&domain=cesajiol.com&sn=ChromeSyncframe&so=0&topUrl=qqel.cesajiol.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=LBMBN3xZYXVIdSs4RjR3dVQ4UFZPUDE4ZGJOWVBTSSsvTmhubWFGWDFTQWI2eDlrdTBrbUJtK3ZYMEpnZ3hxZE9EMkRzUXhmNmlHeXltVS9mL29HR1BONGw0ajJXT3lMQ0ptbkwvcVpiMkFTVlJLcENqNEU4WWdpVTFib2IwOElGbzA0WE5PMjFpTGwrRUVRaXpMM1FzMnRLcWtLeldwQUtteElpU3pHQk5jV2I2TXJHZFB6anFvZW9GbVdxMmdNZWhmdGszWXZCOXg1Zk9vdEhQenRjMFozOUt2OXUrVTE1aHlMU0s0aWxhRk1wVjZtbXR6RXBuMCtVOVhaZE5CajVNSE9aNXZMbytjb1UrWEtYRHJXbDQyQ3pvUT09fA&cppv=2

160 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
qqel.cesajiol.com/
Redirect Chain

http://qqel.cesajiol.com/
https://qqel.cesajiol.com/

53 KB
11 KB

544ms
464ms

Document
text/html

2606:4700:3036::6815:190f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d882e2127733190431c42f0080c83294fd9bf7cf151bdecd0fcdaf6fc485a99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a0fb382f86a8dc4-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 Mar 2023 07:31:35 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ3Vc1BTOJUfm0QAZtZg642gNibXRtT%2BPSYvbKCCDBsPDJ981Y6UAqWz1j9gHbl2WEHlDqxwyeoBGr7WCr9EbnKsuapo0XiYGBZRRE9CyZUDyNITqSkwHRxf2puXQAt92mfF%2F5xUFxp1AAoXg2HFYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
CF-RAY: 7a0fb37f9dba9acf-MIA
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Mar 2023 07:31:35 GMT
Expires: 0
Location: https://qqel.cesajiol.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOUTQugStXnXOz197C%2BDLcYxFEfJRbO4733DNahT1DMDdtk2YID84yjJwUbbkpjt9ksXMQjcQFYfDVplDhlBE8G%2FR0PxfzJLCzd%2Bgz1bKfdoeVN2Pql6di1C25Iteq3cdIcYAkiDomxoYmpT9PMWJA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css_recetasgratis_87.css
cdn.tudoreceitas.com/css/ 110 KB
18 KB 363ms
136ms Stylesheet
text/css 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2faa27a0a4c49644174845ad4f0471008bc7f6b3b35013e7dc9e321f8276af07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: Pt_.KT2RTxLL0vE2255eFRHeSwhH2PFY
content-encoding: gzip
x-amz-request-id: 05DGF86J7H89907V
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 498441
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
x-amz-id-2: +tutJVmF3s98Lf/aviL/moPAhK8EFaOkbd3YgTEzLPg6lwjRTUGTbMTEg3TTfWDOGDeKxeBctwc=
x-77-nzt: AVm7sQ+cHJv/CZsHAA
x-accel-expires: @1708693455
last-modified: Thu, 23 Feb 2023 12:41:41 GMT
server: CDN77-Turbo
etag: W/"f13b6c9feb8d0edbcfc1c9697517ef8b"
x-77-nzt-ray: 49be140898e25d3d58fffe6303ee780d
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000,public,immutable

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
27 KB 238ms
90ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59b45f14285c4aeadef95ddba1cb7101782bffadccd75b26815d13cad26288fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26877
x-xss-protection: 0
server: sffe
etag: "1497 / 403 of 1000 / last-modified: 1677625601"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 01 Mar 2023 07:31:36 GMT

GET
H2 200 prebid_20180601115812.js Show response
cdn.tudoreceitas.com/js/library/prebid/ 101 KB
32 KB 90ms
87ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 06fdbc83bc184320290713f3989d6d3cd9bca70d213d1c1e71ab3e9ee80a6a49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: bjsHNtNzZYzUchYMRcPqQAYjt7dFtzQ.
content-encoding: gzip
x-amz-request-id: NDQGPK6MST9NC5Q2
x-cache: HIT
x-77-cache: HIT
x-age: 8273347
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
x-amz-id-2: fyJkR7G/bdkAy8NuA3vlNBtTU0dfI0e2D+7NLS7VWLdF169lO4TALTA7FhYOlXoU2mewVW+M2PU=
x-77-nzt: AVm7sQ/l4er/wz1+AA
x-accel-expires: @1700918549
last-modified: Fri, 25 Nov 2022 11:55:07 GMT
server: CDN77-Turbo
etag: W/"dabd3cec1dc5d769daf6791686567a69"
x-77-nzt-ray: 49be140898e25d3d58fffe633936bd16
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public,immutable

GET
H2 200 menu.png
cdn.tudoreceitas.com/img/web/ 155 B
676 B 109ms
104ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/menu.png
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 230384701c004a306ac4968f841dfb024d89f39bcaa45d9986dce72250039d89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: kPiZsPf3u1pXbmOlCdi4ltdd0fhATTz5
x-amz-request-id: NDQXS5EMMR4TAFSJ
x-cache: HIT
x-77-cache: HIT
x-age: 8273347
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 155
x-amz-id-2: 4XwofIXNOmGKK7u15XkLSjRxzA8/cd4rvsCOCMRQfya0AS3rj6paiUzy0wkItbQqiATfunAOy0Q=
x-77-nzt: AVm7sQ+Kc1P/wz1+AA
x-accel-expires: @1700918549
last-modified: Fri, 25 Nov 2022 11:55:11 GMT
server: CDN77-Turbo
etag: "4f0452682b53b3c9ac3bb26c8736e547"
x-77-nzt-ray: 49be140898e25d3d58fffe633fb5e616
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 pt.png
cdn.tudoreceitas.com/img/web/recetasgratis/logo/negativo/ 9 KB
9 KB 142ms
137ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/recetasgratis/logo/negativo/pt.png
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2c7a8494fcaa9a81f7cebf6d4189f8b62eeaf0a858aac70c4f646450ecb70ca0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: nOeKCa9Ytya6nQbYYMnkrNBkMvrnGaVa
x-amz-request-id: YEK47TPZXKDM2BW7
x-cache: HIT
x-77-cache: HIT
x-age: 4390217
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 9088
x-amz-id-2: rLgK3o4ZI0bCfUg4pU75FjO2P2gzURKSGHjL2uLh+QCFSD+wz9s1Ms8HatOdFfkKIaSlTsAE6GZYMYtnn4jtlA==
x-77-nzt: AVm7sQ8ZBuL/Sf1CAA
x-accel-expires: @1704801679
last-modified: Mon, 09 Jan 2023 11:02:37 GMT
server: CDN77-Turbo
etag: "3bd0ee0a284a9355ea548dea8ae6de34"
x-77-nzt-ray: 49be140898e25d3d58fffe63bf43ea16
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 lupa.png
cdn.tudoreceitas.com/img/web/ 956 B
1 KB 143ms
138ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/lupa.png
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5ce1d7a2f02c3b2ab50e549c12c75686d5fed9370844ade4692d6f5f5d5dd923

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: 5MN9ADi6K99Hh5gZuW8v16rzTHwPqY1G
x-amz-request-id: NDQSTSVRQ0QEK04Q
x-cache: HIT
x-77-cache: HIT
x-age: 8273347
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 956
x-amz-id-2: 2iuwEMvdvK08sBdGIABOfXfqA80yukWRHh+enhcNmlW960wVqwzcXvUdfNp/JQiBOc87SVMpwevAduvdTbrErw==
x-77-nzt: AVm7sQ9m+Xb/wz1+AA
x-accel-expires: @1700918549
last-modified: Fri, 25 Nov 2022 11:55:11 GMT
server: CDN77-Turbo
etag: "65d6120381b08857ce6cea8674af8aab"
x-77-nzt-ray: 49be140898e25d3d58fffe63c163fd16
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 torta_de_frango_com_milho_11161_600.webp
cdn0.tudoreceitas.com/pt/posts/1/6/1/ 41 KB
42 KB 530ms
365ms Image
image/webp 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/1/6/1/torta_de_frango_com_milho_11161_600.webp
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2705f033520e1236ff6f884149000364483f5c810dd60bdad565a97138edbf79

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: YGuqqO3R.BWKBtLHca9hGOvwjabz3TCA
x-amz-request-id: CYGPA586BX2YD5S5
x-amz-server-side-encryption: AES256
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.36.22:443"; ma=2592000; v="44,43,39"
content-length: 42050
x-amz-id-2: y/Ro4yR423fOFPKBq6dc+sBzscc+BQAm17TJBcaM6dTsUy11aOfpvBjbm2WSFa4N39wqywz0XL2+mM9HLkYEzg==
x-77-nzt: AZySJBahzBSh
last-modified: Mon, 06 Feb 2023 14:47:55 GMT
server: CDN77-Turbo
etag: "80c094a81a407fd1737be74be133a653"
x-77-nzt-ray: 1e192d08b51c57e358fffe63aa93050a
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 torta_de_frango_de_liquidificador_6395_300_150.webp
cdn0.tudoreceitas.com/pt/posts/5/9/3/ 11 KB
12 KB 90ms
86ms Image
image/webp 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/5/9/3/torta_de_frango_de_liquidificador_6395_300_150.webp
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1890d415ac827e8aead740f82ea2d755bcf99e633ce77e52a256991305304ef4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: oEtk37AlNJYjrhkTl31pJEK93cE5ujWQ
x-amz-request-id: G2T7NJPJM5V4C6Q8
x-cache: HIT
x-77-cache: HIT
x-age: 43798
alt-svc: quic="156.146.36.22:443"; ma=2592000; v="44,43,39"
content-length: 11464
x-amz-id-2: DqJBXPd/IcBd/isITWELy8sMWq/Eh5xy4T2uAQDvaZcnLkphOe3cMx0J0I6Qjpql/w2VttFqPFw=
x-77-nzt: AZySJBZNzY7vFqsAAA
x-accel-expires: @1709148098
last-modified: Tue, 11 Jan 2022 00:24:23 GMT
server: CDN77-Turbo
etag: "f97dda00c68b5ee835887fd4cf319f09"
x-77-nzt-ray: 1e192d08b51c57e358fffe63ba1ee916
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 torta_de_frango_202_300_150.webp
cdn0.tudoreceitas.com/pt/posts/2/0/2/ 7 KB
8 KB 487ms
483ms Image
image/webp 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/2/0/2/torta_de_frango_202_300_150.webp
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9f178d38ac50c5f79ef50a59ce4ae84275c9e7fe50b3bbf36907ea59f27df9fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: CzEz0Qyxr1eO1aCgVzk_JjelR8xbJt.t
x-amz-request-id: CYGVA6KF6G7TPT0T
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.36.22:443"; ma=2592000; v="44,43,39"
content-length: 7522
x-amz-id-2: Ok+tJih9hOcAFmy3i6V6HIyx+BQWDfvBCPsFLqgo+f6ce9BHnDxirT657CtXwK2xzrVmZ21Lb/k=
x-77-nzt: AZySJBazqnmh
last-modified: Mon, 10 Jan 2022 16:30:09 GMT
server: CDN77-Turbo
etag: "5b19384283939e5c983d977f08b8a0e5"
x-77-nzt-ray: 1e192d08b51c57e358fffe6385f2fe16
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 fricasse_de_frango_com_milho_verde_9352_300_150.webp
cdn0.tudoreceitas.com/pt/posts/2/5/3/ 10 KB
11 KB 458ms
454ms Image
image/webp 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/2/5/3/fricasse_de_frango_com_milho_verde_9352_300_150.webp
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a823ec455738fd0d3ae5ee39cedc02d52ce4bed9db1c01b99e98c15d6e2760e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: z4qr4CILziub14ZnrMo23XkYC4cUSJkn
x-amz-request-id: CYGM2HDRZMJ5PPWQ
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.36.22:443"; ma=2592000; v="44,43,39"
content-length: 10534
x-amz-id-2: wEAs+T86BhG9rBK+yTHNfYfZOkLJFGEO/dGqCKZx5UanNtamYVA+4zu/efHVhApwKZSJNJv4HGJq55T+Q53Q5A==
x-77-nzt: AZySJBbPfamh
last-modified: Tue, 11 Jan 2022 05:29:09 GMT
server: CDN77-Turbo
etag: "ceb356d550077ce397f180b21582cc2b"
x-77-nzt-ray: 1e192d08b51c57e358fffe63b9210317
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 frango_com_abacaxi_7748_300_150.webp
cdn0.tudoreceitas.com/pt/posts/8/4/7/ 10 KB
11 KB 465ms
461ms Image
image/webp 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/8/4/7/frango_com_abacaxi_7748_300_150.webp
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d4429ad6f10e81005ac8614cfa6fd861d329220c94dce340cd4a27af6560c463

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: ebWR1bms_MTUj1Y9G4ZIP2xmP5uvErmn
x-amz-request-id: CYGJMG8R5X0BZP6F
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.36.22:443"; ma=2592000; v="44,43,39"
content-length: 10276
x-amz-id-2: d+cViG/FQxSMuD/9UAesoyqIlG/ZeyXMagXNnBs3E6w80S44CCSX1OPcXkQwu8CpVjqqcoJTv/48gnE8U0f39g==
x-77-nzt: AZySJBZ/5Kqh
last-modified: Tue, 11 Jan 2022 02:42:21 GMT
server: CDN77-Turbo
etag: "730e99cc67b5a4b8251488c842200a3c"
x-77-nzt-ray: 1e192d08b51c57e358fffe63d6fc0517
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 404 email-decode.min.js
www.tudoreceitas.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 0
0 450ms
127ms Script
text/html 75.2.45.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tudoreceitas.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.45.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ad522a66075307272.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 js_recetasgratis_186.js Show response
cdn.tudoreceitas.com/js/ 143 KB
44 KB 162ms
159ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/js/js_recetasgratis_186.js
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4856b97dee27faa128f4f8a747517ba6fd6aea766f002850127c9eb07e74cb34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: lPI..PIUvNqPghreQfpM5zqtgzGXAMJA
content-encoding: gzip
x-amz-request-id: SM0TJT4WAMQ5FRWA
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 495677
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
x-amz-id-2: Y6mTYzmZ6XX58OjNfpfYRJ1WAWdStvD0ukNmMuWUvOoKQqst7Kqg0yCZsmrgZ22/AwVMJ/keDls=
x-77-nzt: AVm7sQ+/I/T/PZAHAA
x-accel-expires: @1708696219
last-modified: Thu, 23 Feb 2023 13:39:14 GMT
server: CDN77-Turbo
etag: W/"cf61738d0d13099d5afbec1bc50ad2c4"
x-77-nzt-ray: 49be140898e25d3d58fffe6357fb0017
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public,immutable

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 210ms
65ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Mar 2023 06:41:43 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2993
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 01 Mar 2023 08:41:43 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 193 KB
47 KB 218ms
74ms Script
application/javascript 143.204.144.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-144-76.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e8f128b01ba68dcfdc212758efdd805fa0a38585cf781400bddd050dc27dc35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:28:49 GMT
content-encoding: gzip
via: 1.1 e0a78b49206aba2a7e76eb45b9688a8e.cloudfront.net (CloudFront), 1.1 329b0fc45cd0599e7f2c2cee0cf4ae8e.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 21:38:31 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2, EWR52-C2
age: 168
x-amz-server-side-encryption: AES256
etag: W/"73a4291e0b24cc8bf12a18bcd544a2b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: UAtWbTuRVwEs9azE_SQAnjpNiiBcVXl5yjzvgAb5_QwB3JbgPP2PVg==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/linktomedia-ww-network/ 256 KB
43 KB 165ms
50ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/linktomedia-ww-network/loader.js
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78604ce54331fd308e90d992e81e3fb8f53d5db63f0d58e45f2a5b1ace6fbe3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: _4ZwTVNXfcNJ1RtnnlrXznGJzk0Y2y4C
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-request-id: F5A6WMXY83JH2QPY
age: 179
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 43505
x-amz-id-2: SIM4X+hav3OeY6p+/BwfxmJbIMMdL7R+7SA+blCRGlYhUNoDToPnipRdYsbStPhM4M/MRmCXqIQ=
x-served-by: cache-fty21322-FTY
last-modified: Mon, 27 Feb 2023 10:46:13 GMT
server: AmazonS3
x-timer: S1677655896.485288,VS0,VE1
etag: "f2f344a5ef8aa775b52e71fb6fade3a4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 74
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 arrow.png
cdn.tudoreceitas.com/img/web/ 818 B
1 KB 177ms
176ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/arrow.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 52cd4f924b7fbfed6999e8bc53705503b618e01689ce67943ee32a4a3ce03506

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: kIGvQ9xpcsN6k83dazjRjAjP9obQV8wt
x-amz-request-id: NDQKCKW1XVBDDY8C
x-cache: HIT
x-77-cache: HIT
x-age: 8273347
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 818
x-amz-id-2: qKf6j3BunzIs/tarJwKV0bGODTJ/5nCEV/hZEj/NlzLyTELTXDeQ4TGWMpuboTt1if+LqBK9IqE=
x-77-nzt: AVm7sQ8VlNH/wz1+AA
x-accel-expires: @1700918549
last-modified: Fri, 25 Nov 2022 11:55:10 GMT
server: CDN77-Turbo
etag: "c0851509cc98ba0047646cdeab0f2d36"
x-77-nzt-ray: 49be140898e25d3d58fffe63ba052717
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 hubsicons.png
cdn.tudoreceitas.com/img/web/recetasgratis/ 46 KB
46 KB 177ms
177ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/recetasgratis/hubsicons.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 731f13bd859ad5c054adba1d51262daaad1a35a47334b191748033504b298fb1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: NoEDZgdN6e9IZD6lDuy_C1lQhWv9AZNU
x-amz-request-id: A9BJF8NXA3GQ3ADV
x-cache: HIT
x-77-cache: HIT
x-age: 4391828
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 46720
x-amz-id-2: FhQRIVs8NM7Md44ijB/kkU+ofEfnyQKY0vCSiuljbKw4gTnV75tFfKEnOzRvZFMVGbkPXyjV+TM=
x-77-nzt: AVm7sQ/Csun/lANDAA
x-accel-expires: @1704800068
last-modified: Mon, 09 Jan 2023 11:02:37 GMT
server: CDN77-Turbo
etag: "6e2f2dff82d93e806fe12147c95a7f4d"
x-77-nzt-ray: 49be140898e25d3d58fffe63f35b2917
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET Catamaran-regular.woff2
cdn.tudoreceitas.com/fonts/Catamaran-regular/ 0
0

GET
H2 200 social.png
cdn.tudoreceitas.com/img/web/ 6 KB
7 KB 173ms
173ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/social.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e81cdb67cc7c818f15735876afea422ffbf1770f1258e6562f0a609dc77dca69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: UXsnN8rznFWv.bU1k3vJMjtjCUpHNidr
x-amz-request-id: DS1R6CFF317HHM9Z
x-cache: HIT
x-77-cache: HIT
x-age: 8273290
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 6533
x-amz-id-2: nEBTJpjYrGMMFl13hwb+Qok3rixAimBPJF3nr4wD2BLcyMSPBhbk3lPxiAlPALpdO+J7f5KWfRg=
x-77-nzt: AVm7sQ9pJXr/ij1+AA
x-accel-expires: @1700918606
last-modified: Fri, 25 Nov 2022 11:55:14 GMT
server: CDN77-Turbo
etag: "2086f17954758547d81a1d981ac185ef"
x-77-nzt-ray: 49be140898e25d3d58fffe638e3d3017
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET Catamaran-700.woff2
cdn.tudoreceitas.com/fonts/Catamaran-700/ 0
0

GET
H2 200 pubads_impl_2023022301.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37980
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132695
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 09:36:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Feb 2024 20:58:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 39 B
67 B 214ms
80ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=qqel.cesajiol.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cc925dfa2049d93b2a99f5b6b6025666de826479d8848d1d1fd5406f07c150a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Wed, 01 Mar 2023 07:31:36 GMT

GET
H2 200 properties.png
cdn.tudoreceitas.com/img/web/ 3 KB
3 KB 140ms
139ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/properties.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eb38ff2098cc22926309ef17fe90f78ac2bd298cc4864aa42adc709a49874034

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: 0.mSyl64nTm4GYeDrR1q56Cz7N67CRw9
x-amz-request-id: A9BPT3P72WD17VM3
x-cache: HIT
x-77-cache: HIT
x-age: 4391828
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 2802
x-amz-id-2: fdXy7anOFZGczcwxcKV8sdjYtlzj9dDrEE4qNeVjRsVZV1FKY24o1+cqfjqSjqnZ3Z0lnNQR71s=
x-77-nzt: AVm7sQ9asRH/lANDAA
x-accel-expires: @1704800068
last-modified: Mon, 09 Jan 2023 11:02:37 GMT
server: CDN77-Turbo
etag: "176b31007b19e253e9a6201ddf5892fe"
x-77-nzt-ray: 49be140898e25d3d58fffe63cdf1ce1a
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 galeria.png
cdn.tudoreceitas.com/img/web/ 10 KB
10 KB 139ms
139ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/galeria.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3365bf35d3ea9c66850acf54130215dfb9886d8e780cb7d5513292c0b99c781

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: Jdwr149WLGM0FWf_wA4L6aQxqJx3s2Bk
x-amz-request-id: T3X69R1CETJHHRQW
x-cache: HIT
x-77-cache: HIT
x-age: 8273290
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 9885
x-amz-id-2: HpQt97lXiYofTMEOTK5WF7t5aKgZb+Azv6ruWo9Mu/m/1hCpTkDwLr5UBBtYeFqTlt2ju/uvVfPN8Vy8yOmeyA==
x-77-nzt: AVm7sQ+LXA//ij1+AA
x-accel-expires: @1700918606
last-modified: Fri, 25 Nov 2022 11:55:11 GMT
server: CDN77-Turbo
etag: "818f2925678a8f2f263d26783fece534"
x-77-nzt-ray: 49be140898e25d3d58fffe63f80ae01a
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 estrellato.png
cdn.tudoreceitas.com/img/web/ 3 KB
4 KB 139ms
138ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/estrellato.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8794ee905830304cbb023123a61c3a5adbf4f986dd446ae63adaf187cc08d679

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: xYCX1sNLGUaVqRMq34aledwnADXLAwWT
x-amz-request-id: NDQV74QHDC0SDPVC
x-cache: HIT
x-77-cache: HIT
x-age: 8273347
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 3542
x-amz-id-2: bJ644l2pnjhwmNA4u0UJnWffT3uLJp0d9BmnQLdxmWStZk6DHT6GWUpr+XD4E2WoMXmzhJeV+u4=
x-77-nzt: AVm7sQ9ig6r/wz1+AA
x-accel-expires: @1700918549
last-modified: Fri, 25 Nov 2022 11:55:10 GMT
server: CDN77-Turbo
etag: "9725ff1cc61f7316f4139b1fa8a41d21"
x-77-nzt-ray: 49be140898e25d3d58fffe63fa01e21a
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 icono.png
cdn.tudoreceitas.com/img/web/recetasgratis/ 2 KB
3 KB 138ms
137ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/recetasgratis/icono.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5ac3fbdd02c33b8389f57c4b1aa47d416b81399cf056f27433d711099d6d78b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: DztxOwLfJwgESimB7bwV700EGDIH8y0f
x-amz-request-id: 39MT47MFVVFEDXXA
x-cache: HIT
x-77-cache: HIT
x-age: 4385597
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 2555
x-amz-id-2: LpjE7WBsITalNRhsatVT/dNLNaWL414NcNMz9ZKzLCXN38BEfGzbR59PTxiX0CMnXrBa1HeSf5g=
x-77-nzt: AVm7sQ8TbU7/PetCAA
x-accel-expires: @1704806299
last-modified: Mon, 09 Jan 2023 12:23:35 GMT
server: CDN77-Turbo
etag: "c103cd7aa4e919a5c97184cfbf14a4c1"
x-77-nzt-ray: 49be140898e25d3d58fffe634c7ee31a
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 social_follow.png
cdn.tudoreceitas.com/img/web/ 29 KB
29 KB 137ms
137ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/social_follow.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9238bf145c9848c481b60d6b893b3c922d2bc0b8be22d919a346c2337e899352

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: yA.3PpknhyuYav89tCIhNiA61_ICflXY
x-amz-request-id: SGTWC51K5WJQ1NPB
x-cache: HIT
x-77-cache: HIT
x-age: 8273346
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 29383
x-amz-id-2: RIatbjItQ5HOVhd88scaw1ymqM91ujudt8ZRr/I+3y0LjFbVIfhuFaWswOiwNbd6XKFsbEqQEmA=
x-77-nzt: AVm7sQ8ZXer/wj1+AA
x-accel-expires: @1700918550
last-modified: Fri, 25 Nov 2022 11:55:14 GMT
server: CDN77-Turbo
etag: "45ddc92b06e36e2c2d09b9f16a34488b"
x-77-nzt-ray: 49be140898e25d3d58fffe63e89ce81a
content-type: image/png
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET Catamaran-300.woff2
cdn.tudoreceitas.com/fonts/Catamaran-300/ 0
0

GET
H2 200 torta_de_frango_com_milho_11161_paso_0_600.webp
cdn0.tudoreceitas.com/pt/posts/1/6/1/ 53 KB
53 KB 508ms
507ms Image
image/webp 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/1/6/1/torta_de_frango_com_milho_11161_paso_0_600.webp
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 72b939603335ab51e59f11daf0f9e6bef4dd1b7bf8d371cebabe0036763796e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: Km1S2duqFZLWrWSoKjFmkOSWC90.AEtf
x-amz-request-id: CYGNK9Y69NSS2X0Z
x-amz-server-side-encryption: AES256
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.36.22:443"; ma=2592000; v="44,43,39"
content-length: 54064
x-amz-id-2: q/x3b/WgU0tQqUdqwPmOlDpb4MMPdsC2WGJ+k6QypqAEYXxzZ63AwxqH95wgcByR2It0rX4UtlWuXcOg3DfCZw==
x-77-nzt: AZySJBYGIxyh
last-modified: Mon, 06 Feb 2023 14:47:58 GMT
server: CDN77-Turbo
etag: "a8376d9ef2b987929a5421e137d0540f"
x-77-nzt-ray: 1e192d08b51c57e358fffe63d96ed41a
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 torta_de_frango_com_milho_11161_paso_1_600.webp
cdn0.tudoreceitas.com/pt/posts/1/6/1/ 35 KB
36 KB 419ms
417ms Image
image/webp 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/1/6/1/torta_de_frango_com_milho_11161_paso_1_600.webp
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6aea536ea3e5fd5ece17b6a1db7a3022b4bbe3a33bd2890c9116105437e819e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: ATM6D6Ceucp0Y7MwRNgv0aRaDlqEYEOF
x-amz-request-id: CYGQGGBE2SPEPH10
x-amz-server-side-encryption: AES256
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.36.22:443"; ma=2592000; v="44,43,39"
content-length: 35820
x-amz-id-2: VlJjzn2imf6wLdUtz2yNjphtZCp3ztkgldVK3cbE4Z7+hkE67VUcrvS9qGcISxTYw8Mmp+K7a1s=
x-77-nzt: AZySJBZz2byh
last-modified: Mon, 06 Feb 2023 14:47:59 GMT
server: CDN77-Turbo
etag: "d68ccc9b3d9be8b2dec7a7a4449361a4"
x-77-nzt-ray: 1e192d08b51c57e358fffe63fc33da1a
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 torta_de_frango_com_milho_11161_paso_2_600.webp
cdn0.tudoreceitas.com/pt/posts/1/6/1/ 43 KB
44 KB 508ms
507ms Image
image/webp 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/1/6/1/torta_de_frango_com_milho_11161_paso_2_600.webp
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a5c500adc63f0765f286343df3eb3d01ad223ebf6cc692a6167174f856207512

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: nysVdQ..CKiaVPpolCx2f5tbNxcd92Ha
x-amz-request-id: CYGW3S6GYKME8PQZ
x-amz-server-side-encryption: AES256
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.36.22:443"; ma=2592000; v="44,43,39"
content-length: 44322
x-amz-id-2: oFaqHLwhGCP7EeaO4ptYmW/c4yiEmCi1MZ7WO9ob37NdF2jVJpPZiDVvTxSVtpzeTT6egDEUtxH26bYYvJHA7Q==
x-77-nzt: AZySJBaF3ruh
last-modified: Mon, 06 Feb 2023 14:48:00 GMT
server: CDN77-Turbo
etag: "4a422c5f62aa9b5fa6254546cea2140d"
x-77-nzt-ray: 1e192d08b51c57e358fffe6311f5ea1a
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 torta_de_frango_com_milho_11161_paso_3_600.webp
cdn0.tudoreceitas.com/pt/posts/1/6/1/ 90 KB
90 KB 528ms
527ms Image
image/webp 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/1/6/1/torta_de_frango_com_milho_11161_paso_3_600.webp
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9fb2bdadba316568cc932b39ee9ec7150d834c380d4c971e640938a345ada602

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: smprczoS9CDpipjJwqOxMzS8vb8JilqH
x-amz-request-id: CYGW14HY4649WHVK
x-amz-server-side-encryption: AES256
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.36.22:443"; ma=2592000; v="44,43,39"
content-length: 91766
x-amz-id-2: cxINRI5JGXZ+s5VwMDAgwwdGQTAy/5c4c4qsPLJEgftOnOW78+q7OGRHFGy7XRz8QGOaLT77wVw=
x-77-nzt: AZySJBYlMWGh
last-modified: Mon, 06 Feb 2023 14:48:01 GMT
server: CDN77-Turbo
etag: "4f062f6c7e0a6bda258431bdac8d0918"
x-77-nzt-ray: 1e192d08b51c57e358fffe6374e8ed1a
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 impl.20230227-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 734 KB
153 KB 49ms
48ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230227-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/linktomedia-ww-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e038ed997ec55194e0bc28edc588e8424109b8adfd93b65db3d7fc2056ec5f21

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: ASAduPH168tOS8Ue1qHFp4oDMdz_mVee
content-encoding: br
via: 1.1 varnish
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-request-id: 5S43601NMHE60FD6
age: 20524
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 156463
x-amz-id-2: UWncCrXroq84o9eEh3FXqWcRvUIdK+Li8TnkNBFcmcunpcTwLl03/xeNmQD9TDYwilyzLYqIAQA=
x-served-by: cache-fty21322-FTY
last-modified: Mon, 27 Feb 2023 09:49:24 GMT
server: AmazonS3-br
x-timer: S1677655897.603621,VS0,VE0
etag: "f3d0bf95edb25aa721251413c92939d3"
vary: Accept-Encoding
content-type: application/javascript
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 10299

GET
H2 200 Catamaran-regular.woff
cdn.tudoreceitas.com/fonts/Catamaran-regular/ 11 KB
11 KB 86ms
86ms Font
binary/octet-stream 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/fonts/Catamaran-regular/Catamaran-regular.woff
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fcf39d6118fda1b20004b6b9874bc2fc94b0131e92dbe7c7403fa404e80ddb5d

Request headers

Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Origin: https://qqel.cesajiol.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: sNsassjycYOZ1YvQpnF4awxMF.ETZzgd
x-amz-request-id: T3XC8NXE4MHM881A
x-cache: HIT
x-77-cache: HIT
x-age: 8273290
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 11096
x-amz-id-2: EBy/ox65iRiHJ9GZHkaIGXIyNqQneAx3FIBINQSjIu8tDQAdbad6HJRXnf3R9YCgSERxeRYozZk=
x-77-nzt: AVm7sQ/xS5H/ij1+AA
x-accel-expires: @1700918606
last-modified: Fri, 25 Nov 2022 11:55:17 GMT
server: CDN77-Turbo
etag: "7372e429fff717b6821688d8e441bd7c"
x-77-nzt-ray: 49be14084bfb2d3f58fffe63049c2525
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 79ms
79ms XHR
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1276474801&t=pageview&_s=1&dl=https%3A%2F%2Fqqel.cesajiol.com%2F&ul=en-us&de=UTF-8&dt=Torta%20de%20Frango%20com%20milho%20-%20Super%20recheada!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1382238621&gjid=150102061&cid=1084524279.1677655897&tid=UA-58730775-1&_gid=1413498369.1677655897&_r=1&_slc=1&z=1698623410

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qqel.cesajiol.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qqel.cesajiol.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Catamaran-300.woff
cdn.tudoreceitas.com/fonts/Catamaran-300/ 11 KB
11 KB 79ms
79ms Font
binary/octet-stream 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/fonts/Catamaran-300/Catamaran-300.woff
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4c4dd9da85d2c579e92c0691d3f4087ef986a96e8ae041c00bd2ad5e659fe168

Request headers

Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Origin: https://qqel.cesajiol.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: 8ypbUrVKIvtueuU9ViEhsxLYdZ74vjEJ
x-amz-request-id: T3XB3QPQXM86NW97
x-cache: HIT
x-77-cache: HIT
x-age: 8273290
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 10948
x-amz-id-2: Dhh2RIBrusB1wZRJPoExqF46p+rLyxaiCw5MhLATNilY+t2V3zvkwtoD9Dg5V+kvz2A4/81f1OM=
x-77-nzt: AVm7sQ/dAT3/ij1+AA
x-accel-expires: @1700918606
last-modified: Fri, 25 Nov 2022 11:55:17 GMT
server: CDN77-Turbo
etag: "29e7be52cf92946d7ae9c2b286541881"
x-77-nzt-ray: 49be14084bfb2d3f58fffe631f029629
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 Catamaran-700.woff
cdn.tudoreceitas.com/fonts/Catamaran-700/ 11 KB
11 KB 79ms
78ms Font
binary/octet-stream 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/fonts/Catamaran-700/Catamaran-700.woff
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 23f768d4ab889193f108749db669e9e00c3831b65bcc13ae9ce2472212055232

Request headers

Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_87.css
Origin: https://qqel.cesajiol.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 01 Mar 2023 07:31:36 GMT
x-amz-version-id: m_RxgySM.kmpuCjfICMfaJFsqVi9fn9B
x-amz-request-id: T3X7KF9T67W9STHJ
x-cache: HIT
x-77-cache: HIT
x-age: 8273290
alt-svc: quic="89.187.177.15:443"; ma=2592000; v="44,43,39"
content-length: 10900
x-amz-id-2: y6t2lj6tvBhatCpATfKsOqwDLhoXuNrGrc9MeCsatIbd+SzI0TiOdE9j0XhsyprQDnO00L9WxbE=
x-77-nzt: AVm7sQ8SpKr/ij1+AA
x-accel-expires: @1700918606
last-modified: Fri, 25 Nov 2022 11:55:17 GMT
server: CDN77-Turbo
etag: "515d54906af870e1cff437a3150b587c"
x-77-nzt-ray: 49be14084bfb2d3f58fffe63ec32db2a
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 72ms
71ms XHR
text/plain 143.204.144.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fqqel.cesajiol.com&pubid=a2951e5c-81d1-4de5-8cd6-475a5b9685fc
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-144-76.ewr52.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:09:39 GMT
via: 1.1 329b0fc45cd0599e7f2c2cee0cf4ae8e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR52-C2
age: 4916
x-cache: Hit from cloudfront
access-control-allow-origin: https://qqel.cesajiol.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: Z-p0OgzBIAEOx-4E-mbgbWFu3ZNBfcoK2HGNEsgjLZkPZB44KHJbow==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 233ms
105ms XHR
application/javascript 143.204.144.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-144-76.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:37 GMT
x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: b2nmBgcWFD5aRQYVb-5FZCx3gLT48GYtRCjJAqSC2EtxWpCoXTpE_A==

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 184ms
59ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230227-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 268601
expires: 60

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 192ms
67ms XHR
text/plain 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-58730775-1&cid=1084524279.1677655897&jid=1382238621&gjid=150102061&_gid=1413498369.1677655897&_u=IEBAAEAAAAAAACAAI~&z=385040537

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qqel.cesajiol.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Mar 2023 07:31:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qqel.cesajiol.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/unknown-site-on-linktomedia-ww-network/trc/3/ 31 B
311 B 87ms
83ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/unknown-site-on-linktomedia-ww-network/trc/3/json?tim=07%3A31%3A36.797&lti=deflated&data=%7B%22id%22%3A813%2C%22ii%22%3A%22%2Freceita-de-torta-de-frango-com-milho-11161.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1677494766269%2C%22vi%22%3A1677655896794%2C%22cv%22%3A%2220230227-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.tudoreceitas.com%2Freceita-de-torta-de-frango-com-milho-11161.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fqqel.cesajiol.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fqqel.cesajiol.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5212%2C%22nsid%22%3A%22linktomedia-ww-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dlinktomedia-ww-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4434.234375%2C%22mw%22%3A768%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Freceita-de-torta-de-frango-com-milho-11161.html%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dlinktomedia-ww-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230227-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer: https://qqel.cesajiol.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 32
date: Wed, 01 Mar 2023 07:31:36 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fty21322-FTY
server: nginx
x-timer: S1677655897.826177,VS0,VE32
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://qqel.cesajiol.com
content-type: text/plain;charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
464 B 240ms
86ms XHR
text/javascript 108.138.105.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fqqel.cesajiol.com%2F&pid=uzF5ybnEey33H&cb=0&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1490621822506-2%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%2C%22480x320%22%5D%2C%22sn%22%3A%22%2F27212193%2Fltm_desktop_roba_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1490621822506-3%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%2C%22480x320%22%5D%2C%22sn%22%3A%22%2F27212193%2Fltm_desktop_roba_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1490621822506-5%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F27212193%2Fltm_desktop_sky_1%22%7D%5D&pubid=a2951e5c-81d1-4de5-8cd6-475a5b9685fc&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.105.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-105-32.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:37 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
x-amz-rid: J0AH6NZBA0KX7SG0TE26
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://qqel.cesajiol.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: XLzStTOZx2L-Jnklw1wBkxMoh8xLbDNaJB166ed3FRqcBgCs_cpE1g==

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
219 B 178ms
58ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=8&cb=64454772614

Requested by

Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://qqel.cesajiol.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Mar 2023 07:31:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://qqel.cesajiol.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 303 B
865 B 410ms
96ms XHR
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16598&site_id=139448&zone_id=652404&size_id=15&alt_size_ids=16%2C101&p_pos=unknown&rp_floor=0.01&rp_secure=1&tk_flint=pbjs_lite_v1.13.0&x_source.tid=187fef64-f530-4b79-9b41-5b538f5fe976&p_screen_res=1600x1200&rf=https%3A%2F%2Fqqel.cesajiol.com%2F&slots=1&rand=0.6358879870210807
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 75fb77de27c51cfe55196d2cd5865e58629f449f9792e16d329524b02bd6d867

Request headers

Referer: https://qqel.cesajiol.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:37 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://qqel.cesajiol.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 303
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 303 B
638 B 412ms
98ms XHR
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16598&site_id=139448&zone_id=652404&size_id=15&alt_size_ids=16%2C101&p_pos=unknown&rp_floor=0.01&rp_secure=1&tk_flint=pbjs_lite_v1.13.0&x_source.tid=ae47f79f-441d-45a1-be27-a233cbe13333&p_screen_res=1600x1200&rf=https%3A%2F%2Fqqel.cesajiol.com%2F&slots=1&rand=0.40729885527279475
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2e51ac12c8b522ed90a95ff61de814e3a6dcfbb3e87c555459e9b670bd06ea03

Request headers

Referer: https://qqel.cesajiol.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:37 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://qqel.cesajiol.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 303
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 303 B
638 B 411ms
97ms XHR
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16598&site_id=139448&zone_id=652404&size_id=15&alt_size_ids=9%2C10&p_pos=unknown&rp_floor=0.01&rp_secure=1&tk_flint=pbjs_lite_v1.13.0&x_source.tid=ecb74b1f-4a29-4f59-9539-e257f64d0d58&p_screen_res=1600x1200&rf=https%3A%2F%2Fqqel.cesajiol.com%2F&slots=1&rand=0.6290761733079455
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b795d2e1c78f871dcd1f39441295cc724fb9809f54f694829642076fc4232a41

Request headers

Referer: https://qqel.cesajiol.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:37 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://qqel.cesajiol.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 303
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK go Show response
pub.admanmedia.com/ 907 B
1 KB 227ms
71ms Script
application/javascript 8.2.110.31
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.admanmedia.com/go?id=2926

Requested by

Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/js_recetasgratis_186.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.2.110.31 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

1c0453d35fc761f165a6460e1c56b85214786aeb8a11e3c0068dd70b2854f53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 01 Mar 2023 07:31:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
X-Frame-Options: DENY
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 907

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
448 B 337ms
114ms Script
application/javascript 2600:141b:13:785::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/js_recetasgratis_186.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:785::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=300
accept-ranges: bytes
content-length: 203

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/ 0
90 B 252ms
70ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/debug?tim=07%3A31%3A36.889&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=8034&cv=20230227-4-RELEASE&lt=deflated&pct=1
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69573

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/ 0
89 B 252ms
70ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/debug?tim=07%3A31%3A36.891&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=1144&cv=20230227-4-RELEASE&lt=deflated&pct=1
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69573

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/ 0
89 B 253ms
71ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/debug?tim=07%3A31%3A36.892&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=6762&cv=20230227-4-RELEASE&lt=deflated&pct=1
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69573

GET
H/1.1 200
OK hybs.js Show response
cdn-statics.admanmedia.com/ 62 KB
17 KB 247ms
77ms Script
application/x-javascript 23.66.193.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-statics.admanmedia.com/hybs.js
Requested by: Host: pub.admanmedia.com
URL: https://pub.admanmedia.com/go?id=2926
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.66.193.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-66-193-23.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2dae7df42d459fe426ad90dac397df2c5bf7863457cba4c8991b13d73be856c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 01 Mar 2023 07:31:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Feb 2023 14:01:59 GMT
Server: AkamaiNetStorage
ETag: "0ad2dfc080f82b600b08b5a073dae080:1677506519.292317"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16566

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 68ms
68ms Script
application/javascript 2600:141b:13:785::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.741655807264157
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:785::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=259
accept-ranges: bytes
content-length: 18679

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 346ms
80ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qqel.cesajiol.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
13 KB 959ms
959ms XHR
text/plain 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3947091797385913&correlator=3330101237317569&eid=31072020%2C31072029%2C31072518&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fifs&iu_parts=27212193%2Cltm_desktop_roba_1%2Cltm_desktop_roba_2%2Cltm_desktop_promoted%2Cltm_desktop_sky_1%2Cltm_anchor_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=336x280%7C300x250%7C480x320%2C336x280%7C300x250%7C480x320%2C300x150%7C160x80%2C160x600%7C300x600%7C300x250%2C1x1&ifi=1&adks=879482149%2C3243673955%2C1808134664%2C3068892575%2C1792784411&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C0%2C1&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2%7C&eri=1&cust_params=ltm-id%3D11161%26zone%3Dpost%26project%3Drecetasgratis%26lang%3Dpt%26project-lang%3Drecetasgratis-pt%26amp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1677655897312&lmt=1677655897&dlt=1677655895964&idt=650&adxs=250%2C250%2C1035%2C1035%2C-9&adys=899%2C2909%2C1596%2C1596%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fqqel.cesajiol.com%2F&frm=20&vis=1&psz=768x4215%7C768x4215%7C316x1468%7C316x1468%7C0x-1&msz=768x0%7C768x0%7C299x0%7C299x0%7C0x-1&fws=4%2C4%2C4%2C4%2C2&ohw=1100%2C1100%2C1100%2C1100%2C0&ga_vid=1084524279.1677655897&ga_sid=1677655897&ga_hid=1276474801&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abe120da98f61261cd1cfb4095272c74ca111dbc83cb88d1332748b04a22555b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13131
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://qqel.cesajiol.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
94b4842e4bdfc3a6e55653ffd0d35471.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9AC1 6 KB
3 KB 314ms
79ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94b4842e4bdfc3a6e55653ffd0d35471.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 07:31:37 GMT
expires: Thu, 29 Feb 2024 07:31:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2023022301.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023022301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f6bb4b03a78640219127af6919938631175b162fd6801a35cdfe0ace3e41d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13783
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 09:36:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Feb 2024 22:46:00 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16453/ 32 KB
10 KB 275ms
68ms Script
text/javascript 108.138.128.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16453/sync.min.js
Requested by: Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43819a0959568c295808f7f6ee23674b6c5f032706b4e2a59819522ff59f550c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:20:14 GMT
content-encoding: gzip
via: 1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:04:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 58284
etag: W/"5799dc693bf202ac397f5d0ba49ead37"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: snXMwQ9zxfoyC-zG4ofUXb2wBLuunQjFb9fmi_sEbS2fEM17NLU30A==

GET
H/1.1 200
OK hybs-adman-player2.min.js Show response
cdn-statics.admanmedia.com/ 117 KB
37 KB 89ms
89ms Script
application/x-javascript 23.66.193.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js
Requested by: Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.66.193.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-66-193-23.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8d9704574ba49323dfbad263ce4233f5bad0d9354ceeb0753e0b87092840c712

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 01 Mar 2023 07:31:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Feb 2023 14:01:58 GMT
Server: AkamaiNetStorage
ETag: "722e795afe03bdaa09d1b797c9b1a544:1677506518.101955"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37301

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 17 KB
5 KB 123ms
36ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:49:20 GMT
content-encoding: gzip
age: 2537
x-guploader-uploadid: ADPycduBKKf8NcYUp6Bs-zxBOBJklQyyoutWBY1xHYpbiQqGlP67NYy2tqV1KUIFH_4eZi4Uz29_odHo-Xe8DHNFElu9l-GJkK5f
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4955
last-modified: Fri, 20 Jan 2023 18:31:19 GMT
server: UploadServer
etag: "b3517e216253857ea8c4209cb84004df"
vary: Accept-Encoding
x-goog-generation: 1674239479122517
x-goog-hash: crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 4955
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 adex.js Show response
dmp.theadex.com/d/1609/6436/s/ 41 KB
14 KB 497ms
159ms Script
application/javascript 185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.theadex.com/d/1609/6436/s/adex.js
Requested by: Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: cff90f70dba12ef23c1f00bb5647600735792742c32a7d1a62f05d3698170290

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:37 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 11:52:22 GMT
server: nginx
etag: W/"63e23b76-a478"
content-type: application/javascript
cache-control: max-age=300
access-control-allow-credentials: true
expires: Wed, 01 Mar 2023 07:36:37 GMT

GET
H/1.1 200
OK html Show response
sync.admanmedia.com/ Frame D8EA 4 KB
5 KB 218ms
71ms Document
text/html 8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Requested by: Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 70903ce61eca5ff9ac7f18943c0e9ed2482fbd5c1017308b936e1fdf186093ae

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 4325
Content-Type: text/html
Date: Wed, 01 Mar 2023 07:31:37 GMT
Server: nginx

GET
H/1.1 204
No Content /
pub.admanmedia.com/ 0
271 B 71ms
71ms Image
text/plain 8.2.110.31
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pub.admanmedia.com/?c=v&m=preimp&placementId=2926&domain=qqel.cesajiol.com&gdpr=0&gdpr_consent=&referer=https%3A%2F%2Fqqel.cesajiol.com%2F

Requested by

Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.2.110.31 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 01 Mar 2023 07:31:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY

GET
H/1.1 200
OK / Show response
pub.admanmedia.com/ 2 KB
2 KB 75ms
74ms Fetch
application/json 8.2.110.31
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.admanmedia.com/?c=v&m=tag&placementId=2926&videoType=&wPlayer=600&hPlayer=338&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.5481.177%20Safari/537.36&domain=qqel.cesajiol.com&page=https%3A%2F%2Fqqel.cesajiol.com%2F&secure=1&language=en-US&gdpr=0&gdpr_consent=&waterfall=true

Requested by

Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.2.110.31 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

24434c0b64a02710885ca0978d684eccff4e3de5238ad6235c4fe5b6135bff6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 01 Mar 2023 07:31:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://qqel.cesajiol.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1982

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 1C33 1 KB
2 KB 129ms
52ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fqqel.cesajiol.com%2F&owner=P%26G&bp_id=adman&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

3ef3bf5cd2001b3d0fe22781e9fcbfe840aadef9ae3631173d0451356dc7123a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org https://sync.mathtag.com
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org https://sync.mathtag.com
content-type: text/html;charset=utf-8
date: Wed, 01 Mar 2023 07:31:37 GMT
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
616 B 216ms
74ms XHR
application/json 52.21.186.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16453/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.186.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-186-137.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d0a812ec28ef202fca663e618e4391f003b80ac409e13a6b3e77df11477429fc

Request headers

Referer: https://qqel.cesajiol.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://qqel.cesajiol.com
cache-control: no-cache
x-server: 10.40.10.77
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 362 KB
122 KB 220ms
79ms Script
text/javascript 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1584686b4b75a032b611b5e003d0b71edbdb440ff23dfd31078614ae1647177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124064
x-xss-protection: 0
expires: Wed, 01 Mar 2023 07:31:37 GMT

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 1C33
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b7380467-7e2e-48ab-b7c3-f87f9859a326%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b7380467-7e2e-48ab-b7c3-f87f9859a326%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ca22d85-a644-4e66-8f3f-1e0f170dc8d0&ttd_puid=b7380467-7e2e-48ab-b7c3-f87f9859a326%2C%2C%257B%2522architecture%2522%253A%...

95 B
762 B

98ms
51ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ca22d85-a644-4e66-8f3f-1e0f170dc8d0&ttd_puid=b7380467-7e2e-48ab-b7c3-f87f9859a326%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D

Requested by

Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fqqel.cesajiol.com%2F&owner=P%26G&bp_id=adman&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:37 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ca22d85-a644-4e66-8f3f-1e0f170dc8d0&ttd_puid=b7380467-7e2e-48ab-b7c3-f87f9859a326%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 987

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 1C33
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10072&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3D2040%26partner_device_id%3D%5BMM_UUID%5D%26ch%3D%257B%2522architecture%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=ce7b63fe-ff59-4600-b62f-48b8ea6b5337&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2...

95 B
426 B

128ms
52ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=ce7b63fe-ff59-4600-b62f-48b8ea6b5337&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

Date: Wed, 01 Mar 2023 07:31:37 GMT
Server: MT3 530 4e92630 master ord-pixel-x50 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=ce7b63fe-ff59-4600-b62f-48b8ea6b5337&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Mar 2023 07:31:36 GMT

GET
H/1.1

200
OK

bidswitch.gif
sync.admanmedia.com/ Frame D8EA
Redirect Chain

https://x.bidswitch.net/sync?ssp=adman&user_id=4c4cf780-8980-4383-84e5-1e768c58841f
https://x.bidswitch.net/ul_cb/sync?ssp=adman&user_id=4c4cf780-8980-4383-84e5-1e768c58841f
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adman&ssp_user_id=472247f4-31d3-45db-b8c3-b585a2f84572&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-2zQ14J1E2pmKtis7W3AgfE_g_uMWRHNYuCBAmw--~A&expires=5&ssp=adman
https://sync.admanmedia.com/bidswitch.gif?puid=472247f4-31d3-45db-b8c3-b585a2f84572&redir=[RED]

42 B
431 B

72ms
72ms

Image
image/gif

8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/bidswitch.gif?puid=472247f4-31d3-45db-b8c3-b585a2f84572&redir=[RED]
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Mar 2023 07:31:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

Redirect headers

Location: //sync.admanmedia.com/bidswitch.gif?puid=472247f4-31d3-45db-b8c3-b585a2f84572&redir=[RED]
Date: Wed, 01 Mar 2023 07:31:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

appnexus.gif
sync.admanmedia.com/ Frame D8EA
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.admanmedia.com%2Fappnexus.gif%3Fpuid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.admanmedia.com%252Fappnexus.gif%253Fpuid%253D%2524UID
https://sync.admanmedia.com/appnexus.gif?puid=8721401424237650012

42 B
431 B

98ms
72ms

Image
image/gif

8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/appnexus.gif?puid=8721401424237650012
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Mar 2023 07:31:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

Redirect headers

Date: Wed, 01 Mar 2023 07:31:38 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 38.132.118.72; 38.132.118.72; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 83435515-fb06-417a-9131-7aea31a39d26
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.admanmedia.com/appnexus.gif?puid=8721401424237650012
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

mm.gif
sync.admanmedia.com/ Frame D8EA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=SelfService34&redir=https%3A%2F%2Fsync.admanmedia.com%2Fmm.gif%3Fpuid%3D%5BMM_UUID%5D
https://sync.admanmedia.com/mm.gif?puid=797363fe-ff5a-4d00-a701-40dbf1f2bf2a

42 B
431 B

204ms
72ms

Image
image/gif

8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/mm.gif?puid=797363fe-ff5a-4d00-a701-40dbf1f2bf2a
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Mar 2023 07:31:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

Redirect headers

Date: Wed, 01 Mar 2023 07:31:37 GMT
Server: MT3 530 4e92630 master ord-pixel-x33 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://sync.admanmedia.com/mm.gif?puid=797363fe-ff5a-4d00-a701-40dbf1f2bf2a
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Mar 2023 07:31:36 GMT

GET
H/1.1

200
OK

ttd.gif
sync.admanmedia.com/ Frame D8EA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=digqd7p&ttd_tpi=1&gdpr=0&gdpr_consent=[GDPR_CONSENT]
https://match.adsrvr.org/track/cmb/generic?ttd_pid=digqd7p&ttd_tpi=1&gdpr=0&gdpr_consent=[GDPR_CONSENT]
https://sync.admanmedia.com/ttd.gif?puid=f2192a5d-976a-4339-859d-84ea1a612b9e

42 B
431 B

186ms
72ms

Image
image/gif

8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/ttd.gif?puid=f2192a5d-976a-4339-859d-84ea1a612b9e
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Mar 2023 07:31:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:37 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.admanmedia.com/ttd.gif?puid=f2192a5d-976a-4339-859d-84ea1a612b9e
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 185

GET
H2

200

partner
sync.search.spotxchange.com/ Frame D8EA
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8561&uid=BUYER_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8561&uid=BUYER_USER_ID&__user_check__=1&sync_id=1a0a6ab9-b803-11ed-8c85-1a8a1b120103

43 B
419 B

68ms
68ms

Image
image/gif

192.35.249.138
SPOTX-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=8561&uid=BUYER_USER_ID&__user_check__=1&sync_id=1a0a6ab9-b803-11ed-8c85-1a8a1b120103
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Server: 192.35.249.138 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:38 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 509
content-length: 43

Redirect headers

date: Wed, 01 Mar 2023 07:31:37 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
location: /partner?adv_id=8561&uid=BUYER_USER_ID&__user_check__=1&sync_id=1a0a6ab9-b803-11ed-8c85-1a8a1b120103
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 335
content-length: 0

GET
H/1.1

200
OK

pub.gif
sync.admanmedia.com/ Frame D8EA
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=157362&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157362%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.admanmedia.com%252Fpub.gif%2...
https://image8.pubmatic.com/AdServer/ImgSync?p=157362&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157362%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.admanmedia.com%252Fpub.gif%2...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkZCQThBNjQtQjE1Ni00Q0ZFLUI4RTAtNTI0RTFEMkI2QTE2&gdpr=-1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkZCQThBNjQtQjE1Ni00Q0ZFLUI4RTAtNTI0RTFEMkI2QTE2&gdpr=-1&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=157362&pmc=1&pr=https%3A%2F%2Fsync.admanmedia.com%2Fpub.gif%3Fpuid%3D2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16
https://sync.admanmedia.com/pub.gif?puid=2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16

42 B
431 B

72ms
72ms

Image
image/gif

8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/pub.gif?puid=2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Mar 2023 07:31:39 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

Redirect headers

location: https://sync.admanmedia.com/pub.gif?puid=2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ac.gif
sync.admanmedia.com/ Frame D8EA
Redirect Chain

https://ums.acuityplatform.com/tum?umid=134&uid=4c4cf780-8980-4383-84e5-1e768c58841f&rurl=https%3A%2F%2Fsync.admanmedia.com%2Fac.gif%3Fpuid%3D___AUID___
https://sync.admanmedia.com/ac.gif?puid=749222982334

42 B
431 B

115ms
71ms

Image
image/gif

8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/ac.gif?puid=749222982334
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Mar 2023 07:31:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

Redirect headers

Access-Control-Allow-Origin: *
Location: https://sync.admanmedia.com/ac.gif?puid=749222982334
Content-Length: 0

GET
H2

200

usync.html
eus.rubiconproject.com/ Frame D8EA
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onefortyproof&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=onefortyproof&endpoint=eu

0
0

79ms
68ms

Image
text/html

23.3.115.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eus.rubiconproject.com/usync.html?p=onefortyproof&endpoint=eu
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-115-102.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

location: https://eus.rubiconproject.com/usync.html?p=onefortyproof&endpoint=eu
access-control-allow-origin: *
date: Wed, 01 Mar 2023 07:31:37 GMT
access-control-allow-credentials: true
server: AkamaiGHost
content-length: 0

GET
H2

200

/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame D8EA
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=sZn9xIbZzF&consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2F71da423e3fcc7c87e88ac913d505141d.gif%3Fpuid%3D[PDID]
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=%5BGDPR_CONSENT%5D&referrer=https%3A%2F%2Fsync.admanmedia.com%2F
https://spl.zeotap.com/?zdid=689&env=mWeb&eventType=pageview
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=b15827ab-63f8-413d-5196-0e757d1fa6ac&env=mWeb&eventType=pageview&id_mid_4=b15827ab-63f8-413d-5196-0e757d1fa6ac&reqId=08dba597-f2b3-4ca...

95 B
360 B

165ms
164ms

Image
image/png

168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=b15827ab-63f8-413d-5196-0e757d1fa6ac&env=mWeb&eventType=pageview&id_mid_4=b15827ab-63f8-413d-5196-0e757d1fa6ac&reqId=08dba597-f2b3-4ca4-6895-4d60dd20e004&zdid=689
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/png
date: Wed, 01 Mar 2023 07:31:38 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

date: Wed, 01 Mar 2023 07:31:38 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html; charset=utf-8
location: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=b15827ab-63f8-413d-5196-0e757d1fa6ac&env=mWeb&eventType=pageview&id_mid_4=b15827ab-63f8-413d-5196-0e757d1fa6ac&reqId=08dba597-f2b3-4ca4-6895-4d60dd20e004&zdid=689
access-control-allow-origin: https://sync.admanmedia.com
access-control-allow-credentials: true
cf-ray: 7a0fb39678ff31de-MIA
access-control-allow-headers: *

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame D8EA
Redirect Chain

https://cs.admanmedia.com/sync/admanmedia?puid=4c4cf780-8980-4383-84e5-1e768c58841f&gdpr=0&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA]
https://usersync.gumgum.com/usersync?b=aad&i=4c4cf780-8980-4383-84e5-1e768c58841f

35 B
250 B

198ms
65ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=aad&i=4c4cf780-8980-4383-84e5-1e768c58841f
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 01 Mar 2023 07:31:38 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 01 Mar 2023 07:31:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: DENY
Location: http://usersync.gumgum.com/usersync?b=aad&i=4c4cf780-8980-4383-84e5-1e768c58841f
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame D8EA
Redirect Chain

https://idsync.rlcdn.com/711169.gif?partner_uid=4c4cf780-8980-4383-84e5-1e768c58841f&ct=4&cv=[GDPR_CONSENT]
https://idsync.rlcdn.com/1000.gif?memo=CIG0KxIwCiwIARCnhAoaJDRjNGNmNzgwLTg5ODAtNDM4My04NGU1LTFlNzY4YzU4ODQxZhAAGg0I2v77nwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=b2d7606910fb597acd8498b6d05c01564351b311db950d70a22b765c9a6c5d91791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b2d7606910fb597acd8498b6d05c01564351b311db950d70a22b765c9a6c5d91791426b5417dce21&rand=04367447
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b2d7606910fb597acd8498b6d05c01564351b311db950d70a22b765c9a6c5d91791426b5417dce21&rand=04367447&expected_cookie=f6bd7c91-8181-453f-930d-13ae24dfb168

0
142 B

94ms
91ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b2d7606910fb597acd8498b6d05c01564351b311db950d70a22b765c9a6c5d91791426b5417dce21&rand=04367447&expected_cookie=f6bd7c91-8181-453f-930d-13ae24dfb168
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:38 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 208D28F965F041AAB3E894CBC4265A40 Ref B: MIA301000102019 Ref C: 2023-03-01T07:31:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX10bPmSBjcbM4n37vt/w==

Redirect headers

date: Wed, 01 Mar 2023 07:31:38 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FEA6B6CD884547DBAE8AE6E3764F8BC3 Ref B: MIA301000102019 Ref C: 2023-03-01T07:31:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /db_sync?pid=10339&puuid=b2d7606910fb597acd8498b6d05c01564351b311db950d70a22b765c9a6c5d91791426b5417dce21&rand=04367447&expected_cookie=f6bd7c91-8181-453f-930d-13ae24dfb168
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX10bPk7iUPx6ntKhNlGg==

GET
H2 200 um
sync.e-planning.net/ Frame D8EA 42 B
104 B 214ms
67ms Image
image/gif 172.98.26.246
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=4c4cf780-8980-4383-84e5-1e768c58841f&dc=9937b3fd6e9a979a&iss=1
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

server: openresty
date: Wed, 01 Mar 2023 07:31:38 GMT
content-type: image/gif

GET
H2

200

/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame D8EA
Redirect Chain

https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=[PAGE]&consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2F5adaebfbb9dfe4ba75269cf62a4503e8.gif%3Fpuid%3D[PDID]
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=[PAGE]&consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2F5adaebfbb9dfe4ba75269cf62a4503e8.gif%3Fpuid%3D[PDI...
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=8721401424237650012

95 B
346 B

164ms
163ms

Image
image/png

168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=8721401424237650012
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/png
date: Wed, 01 Mar 2023 07:31:38 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 01 Mar 2023 07:31:38 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 38.132.118.72; 38.132.118.72; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cda335ac-d71c-4813-b0b3-f692e6006075
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=8721401424237650012
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

6ee87f33c866f2a98fb8fdaca65874d4.gif
sync.admanmedia.com/ Frame D8EA
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=29&redirectUri=https%3A%2F%2Fsync.admanmedia.com%2F6ee87f33c866f2a98fb8fdaca65874d4.gif%3Fpuid%3D[ssb_sync_pid]%26gdpr%3D0%26gdpr_consent%3D[GDPR...
https://sync.admanmedia.com/6ee87f33c866f2a98fb8fdaca65874d4.gif?puid=7274724299680949077&gdpr=0&gdpr_consent=[GDPR_CONSENT]

42 B
431 B

72ms
72ms

Image
image/gif

8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/6ee87f33c866f2a98fb8fdaca65874d4.gif?puid=7274724299680949077&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Mar 2023 07:31:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

Redirect headers

location: https://sync.admanmedia.com/6ee87f33c866f2a98fb8fdaca65874d4.gif?puid=7274724299680949077&gdpr=0&gdpr_consent=[GDPR_CONSENT]
date: Wed, 01 Mar 2023 07:31:38 GMT
content-length: 0

GET
H2

200

/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ Frame D8EA
Redirect Chain

https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2Fmm.gif%3Fpuid%3D[PDID]
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2Fmm.gif%3Fpuid%3D[PDID]&rd=1

0
0

166ms
165ms

Image
text/html

168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2Fmm.gif%3Fpuid%3D[PDID]&rd=1
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

location: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2Fmm.gif%3Fpuid%3D[PDID]&rd=1
date: Wed, 01 Mar 2023 07:31:38 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16453/ Frame D8EA 32 KB
10 KB 70ms
68ms Script
text/javascript 108.138.128.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16453/sync.min.js
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43819a0959568c295808f7f6ee23674b6c5f032706b4e2a59819522ff59f550c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:20:14 GMT
content-encoding: gzip
via: 1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:04:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 58284
etag: W/"5799dc693bf202ac397f5d0ba49ead37"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: YQ4fRLHEc8BsB4G75WYW_gLGmPrEaUa3V0dXlIGBn-jP29yvZfvFbw==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame D8EA 235 B
613 B 83ms
83ms XHR
application/json 52.21.186.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16453/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.186.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-186-137.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 73ea15885cc5fb0887a4fb1528e4d62b4e15840d1f97b3da8e674c07ba17ba49

Request headers

Referer: https://sync.admanmedia.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://sync.admanmedia.com
cache-control: no-cache
x-server: 10.40.42.0
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H/1.1 200
OK 52e278fed520834f1be1698d48654a33.gif Show response
sync.admanmedia.com/ Frame D8EA 42 B
431 B 72ms
72ms XHR
image/gif 8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.admanmedia.com/52e278fed520834f1be1698d48654a33.gif?puid=35c0f06ae6ab4b51465d9506f540c387
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Mar 2023 07:31:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 bridge3.558.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1029 695 KB
222 KB 67ms
65ms Document
text/html 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.558.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e0336810f6b3552a253f6baada3910e5e6b1cdd7dd9ca11d1b0740bbe923350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 459054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227482
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 00:00:44 GMT
expires: Sat, 24 Feb 2024 00:00:44 GMT
last-modified: Thu, 23 Feb 2023 23:56:11 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 232ms
94ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Mar 2023 07:31:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 81ms
79ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qqel.cesajiol.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

trace.js Show response
dmp.theadex.com/
Redirect Chain

https://dmp.theadex.com/trace.js?adex_consent=1
https://dmp.theadex.com/trace.js?adex_consent=1&axd_sc=4321118274896255212

305 B
335 B

214ms
213ms

Script
application/javascript

185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.theadex.com/trace.js?adex_consent=1&axd_sc=4321118274896255212
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: 6fcd616b15d8de71bbe34b63e0ede039067d3aa561e29df4514d59a036fcb322

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Wed, 01 Mar 2023 07:31:38 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 305
content-type: application/javascript

Redirect headers

location: ?adex_consent=1&axd_sc=4321118274896255212
pragma: no-cache
date: Wed, 01 Mar 2023 07:31:38 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302171719000/ Frame 1AD0 222 KB
61 KB 223ms
66ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 18:08:24 GMT
age: 134594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61847
x-xss-protection: 0
server: sffe
etag: "b91941a2860567a7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 18:08:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 1AD0 15 KB
5 KB 367ms
211ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 18:08:24 GMT
age: 134594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5237
x-xss-protection: 0
server: sffe
etag: "304dd5725e1eccd8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 18:08:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 1AD0 94 KB
28 KB 337ms
181ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 18:08:24 GMT
age: 134594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28901
x-xss-protection: 0
server: sffe
etag: "8f636c70fc937458"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 18:08:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 1AD0 5 KB
2 KB 370ms
215ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 18:08:24 GMT
age: 134594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1926
x-xss-protection: 0
server: sffe
etag: "df03f558eda3b320"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 18:08:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 1AD0 40 KB
13 KB 372ms
217ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 18:08:24 GMT
age: 134594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12954
x-xss-protection: 0
server: sffe
etag: "e0426f4a93046162"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 18:08:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1AD0 4 KB
1 KB 226ms
82ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Mar 2023 07:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 06:43:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Mar 2023 07:31:38 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1AD0 2 KB
3 KB 290ms
149ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:36 GMT
x-content-type-options: nosniff
server: cafe
age: 62102
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 01 Mar 2023 14:16:36 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1AD0 295 B
664 B 206ms
65ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:37 GMT
x-content-type-options: nosniff
server: cafe
age: 62101
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 01 Mar 2023 14:16:37 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1AD0 0
0 96ms
95ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSxDNWf_-Y971GMHZzwXX14v4BqDpk8Ru2YKhs6kRmJL4h7MCEAEg4fW4K2DJhoCA3KPEEKAB1c6IwCjIAQngAgCoAwHIAwqqBO0BT9BLQX3aU84AlQ228D3q1tgTsn-OezWn4cMdtCSwtyFZzPGGFlBclz2KPj7NeoVtC3rweIF1SGnxbEjG5ibaSK9o-e1hfIoffbpLgQ-xut5ssuWv-8vg7rgLL7LUNCdg1fXhgVzOxFlVYznX2Q1oHWwcfPSSRRrdlPXkPHxbA6u_rOjnXWZhF6XsODWjz1UPhSHJKMAdBcLH_hWk2xmB5KDSgz9mHWk6caOrOcwHh11VTYx5PuAcpRXTrl9VWjhIbfSxmFGdfZPK3Wa1ugsl9ac16H6gID64J_asGXeQa276IOCP2BAEiCuU0VHMwATClN2yoQTgBAGSBQQIBBgBkgUECAUYBKAGLoAH1YbZnwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDu60zSCA8IgGEQARgdMgKKAjoCgECACgPICwG4E-QD2BMN0BUBgBcBshceChwIABIUcHViLTU5NzU2MjU2OTc5NzQyNTkYqZ0U&sigh=_HicXGA9WqQ&uach_m=[UACH]&cid=CAQSTADUE5ymh1UWjW7p3NF_523i9-IC6dyrAlgO5hgEZ7xt1rJGz_VkqpoidMI972as50sg_LY2xhK9qGz3hAUMwcnOIVtR3J3Fw3i63vsYAQ&template_id=484
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/5686722174174790658/ Frame 1AD0 24 KB
24 KB 180ms
66ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5686722174174790658/6592766407814317453

Requested by

Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6fc500d3365c391aaf5dd9cc2487471abca87d4d9efc94e74e6c0c970520cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 10:32:02 GMT
x-content-type-options: nosniff
age: 161976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24536
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 19:57:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 27 Feb 2024 10:32:02 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8915345476903415265/ Frame 1AD0 1 KB
1 KB 264ms
151ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8915345476903415265/14763004658117789537?w=100&h=100

Requested by

Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7252c7eaf5c2a2deb5a7d7f20758d1a9f326dcdf022f9a76325a79bd6a842f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:21:19 GMT
x-content-type-options: nosniff
age: 216619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1202
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 15:16:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Feb 2024 19:21:19 GMT

GET
DATA 200
OK truncated
/ Frame 1AD0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32fbd500d74702319fd3db2c3327a8fb798adb44589ab8e94f911247bba481da

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
log.pinterest.com/ 0
335 B 171ms
68ms Image
text/plain 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=Hfbnb1BuU0hS&tv=2021110201&event=init&sub=www&button_count=2&follow_count=0&pin_count=0&button_hover=1&custom_local=1&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.tudoreceitas.com%2Freceita-de-torta-de-frango-com-milho-11161.html&viaSrc=canonical
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 01 Mar 2023 07:31:38 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 9441381759264033
content-length: 0
x-served-by: cache-gnv1820033-GNV
pragma: no-cache
server: envoy
x-timer: S1677655899.540037,VS0,VE26
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1029 156 B
884 B 269ms
108ms XHR
text/xml 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F320365155%2C27212193%2Ff1549850d062a3fcPi&description_url=https%3A%2F%2Fqqel.cesajiol.com%2F&tfcd=0&npa=0&sz=640x480%7C400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3727599226654113&vpa=auto&vpmute=1&sdkv=h.3.558.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=2781354830&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.558.0&sid=0E5B0550-D5DC-4E4A-94A6-8B5217DE7149&nel=0&eid=44748969%2C44765701%2C44773332%2C44777649%2C44781753%2C44782991%2C44783708&url=https%3A%2F%2Fqqel.cesajiol.com%2F&dt=1677655898431&cookie_enabled=1&scor=4445714802699304&ged=ve4_td2_er5172.-4000.5331.-3700_vi0.0.1200.1600_vp0_eb16488

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.558.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 NA4CBBAUGCgqNHbCAcwBhAKwBN4E Show response
api.theadex.com/collector/v1/d/1609/6436/cmframe/ Frame A34D 3 KB
3 KB 502ms
160ms Document
text/html 185.15.245.80
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Requested by: Host: dmp.theadex.com
URL: https://dmp.theadex.com/d/1609/6436/s/adex.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: a3b024f9e1fdff3d5059ac0c6318d88c2df3100d7d3158de859ab783d8cc79ec

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-length: 2732
content-type: text/html; charset=utf-8
date: Wed, 01 Mar 2023 07:31:39 GMT
expires: 0
pragma: no-cache

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1AD0 15 KB
16 KB 223ms
81ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qqel.cesajiol.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:34:08 GMT
x-content-type-options: nosniff
age: 550650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 22:34:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1AD0 15 KB
16 KB 206ms
65ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qqel.cesajiol.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 23:04:08 GMT
x-content-type-options: nosniff
age: 548850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 23:04:08 GMT

POST csi
csi.gstatic.com/ Frame 1029 0
0

GET
H3 200 bridge3.558.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6180 695 KB
222 KB 68ms
67ms Document
text/html 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.558.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e0336810f6b3552a253f6baada3910e5e6b1cdd7dd9ca11d1b0740bbe923350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 459054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227482
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 00:00:44 GMT
expires: Sat, 24 Feb 2024 00:00:44 GMT
last-modified: Thu, 23 Feb 2023 23:56:11 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 83ms
82ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qqel.cesajiol.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame A34D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D1%26axd_fuid%3D%24UID
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=1&axd_fuid=8721401424237650012

0
84 B

159ms
159ms

Image
text/plain

185.15.245.80
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=1&axd_fuid=8721401424237650012
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

Date: Wed, 01 Mar 2023 07:31:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 38.132.118.72; 38.132.118.72; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 511ef3e7-cca9-4cf6-b410-3e8259fbfe6a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=1&axd_fuid=8721401424237650012
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

202

2.gif
dmp.theadex.com/d/1609/i/ Frame A34D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1010&adx_id=1609
https://c1.adform.net/serving/cookie/match/?CC=1&party=1010&adx_id=1609
https://dmp.theadex.com/d/1609/i/2.gif?axd_pid=2&axd_fuid=5492445682907216564

0
166 B

160ms
159ms

Image
text/plain

185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/1609/i/2.gif?axd_pid=2&axd_fuid=5492445682907216564
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dmp.theadex.com/d/1609/i/2.gif?axd_pid=2&axd_fuid=5492445682907216564
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

202

cm.gif
dmp.theadex.com/d/ Frame A34D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_sc&google_nid=theadex_dmp&google_cm&axd_cuid=1609&c=4321118274896255212
https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESEOzXrVsHxNHWYozWBmIoB3g&google_cver=1&axd_cuid=1609&c=4321118274896255212

0
80 B

159ms
158ms

Image
text/plain

185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESEOzXrVsHxNHWYozWBmIoB3g&google_cver=1&axd_cuid=1609&c=4321118274896255212
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESEOzXrVsHxNHWYozWBmIoB3g&google_cver=1&axd_cuid=1609&c=4321118274896255212
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame A34D
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D10%26axd_fuid%3D%5BMM_UUID%5D
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=10&axd_fuid=797363fe-ff5a-4d00-a701-40dbf1f2bf2a

0
251 B

163ms
159ms

Image
text/plain

185.15.245.80
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=10&axd_fuid=797363fe-ff5a-4d00-a701-40dbf1f2bf2a
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

Date: Wed, 01 Mar 2023 07:31:39 GMT
Server: MT3 530 4e92630 master iad-pixel-x18 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=10&axd_fuid=797363fe-ff5a-4d00-a701-40dbf1f2bf2a
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 01 Mar 2023 07:31:38 GMT

GET
H2

202

cm.gif
dmp.theadex.com/d/ Frame A34D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=theadex&ttd_puid=1609&ttd_tpi=1
https://dmp.theadex.com/d/cm.gif?axd_cuid=1609&axd_pid=12&axd_fuid=1ca22d85-a644-4e66-8f3f-1e0f170dc8d0

0
80 B

160ms
159ms

Image
text/plain

185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/cm.gif?axd_cuid=1609&axd_pid=12&axd_fuid=1ca22d85-a644-4e66-8f3f-1e0f170dc8d0
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.theadex.com/d/cm.gif?axd_cuid=1609&axd_pid=12&axd_fuid=1ca22d85-a644-4e66-8f3f-1e0f170dc8d0
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 237

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame A34D 0
472 B 298ms
65ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34450&puid=4321118274896255212
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: b3266a43228eaeab48f59934ee9159da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame A34D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D21%26axd_fuid%3D%23PM_USER_ID
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=21&axd_fuid=2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16

0
79 B

164ms
159ms

Image
text/plain

185.15.245.80
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=21&axd_fuid=2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=21&axd_fuid=2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16
date: Wed, 01 Mar 2023 07:31:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame A34D
Redirect Chain

https://ads.creative-serving.com/cm?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D26%26axd_fuid%3D%24%7BUUID%7D
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=26&axd_fuid=c251008d-2395-452c-9928-5a0ac4b67532

0
92 B

161ms
158ms

Image
text/plain

185.15.245.80
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=26&axd_fuid=c251008d-2395-452c-9928-5a0ac4b67532
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

Location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=26&axd_fuid=c251008d-2395-452c-9928-5a0ac4b67532
Date: Wed, 01 Mar 2023 07:31:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame A34D
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D59%26axd_fuid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=59&axd_fuid=[sas_uid]&cklb=1

0
75 B

40ms
39ms

Image
text/plain

199.187.193.181
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=59&axd_fuid=[sas_uid]&cklb=1
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: HTTP/1.1
Server: 199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:39 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=59&axd_fuid=[sas_uid]&cklb=1
pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame A34D
Redirect Chain

https://dpm.demdex.net/ibs:dpid=110947&dpuuid=4321118274896255212&redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D97%26axd_f...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=110947&dpuuid=4321118274896255212&redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%...
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=97&axd_fuid=32340966325073532160721081448658767834

0
92 B

166ms
165ms

Image
text/plain

185.15.245.80
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=97&axd_fuid=32340966325073532160721081448658767834
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

DCS: dcs-prod-va6-1-v045-0ceb2a318.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: IpoeyvrNS1o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=97&axd_fuid=32340966325073532160721081448658767834
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame A34D
Redirect Chain

https://ps.eyeota.net/click?pid=6t2b2cv&t=gif&r=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D102%26axd_fuid%3D%7BUUID_6t2b2cv%7D
https://ps.eyeota.net/click/bounce/?pid=6t2b2cv&t=gif&r=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D102%26axd_fuid%3D%7BUUID_6...
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=102&axd_fuid=2_RW0hIxOkQN1LvBIwMcTqF4zFhGhpjQVFpGyfZ7ngA8

0
92 B

165ms
157ms

Image
text/plain

185.15.245.80
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=102&axd_fuid=2_RW0hIxOkQN1LvBIwMcTqF4zFhGhpjQVFpGyfZ7ngA8
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

Location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=102&axd_fuid=2_RW0hIxOkQN1LvBIwMcTqF4zFhGhpjQVFpGyfZ7ngA8
Date: Wed, 01 Mar 2023 07:31:39 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

202

cm.gif
dmp.theadex.com/d/ Frame A34D
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADEX&axd_cuid=1609
https://ups.analytics.yahoo.com/ups/58676/cms?partner_id=ADEX&axd_cuid=1609
https://dmp.theadex.com/d/cm.gif?axd_pid=130&axd_fuid=y-BxmpuB9E2pGDntQti7iWsj2hSJy7K9123A--~A&axd_cuid=1609

0
320 B

165ms
158ms

Image
text/plain

185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/cm.gif?axd_pid=130&axd_fuid=y-BxmpuB9E2pGDntQti7iWsj2hSJy7K9123A--~A&axd_cuid=1609
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

location: https://dmp.theadex.com/d/cm.gif?axd_pid=130&axd_fuid=y-BxmpuB9E2pGDntQti7iWsj2hSJy7K9123A--~A&axd_cuid=1609
date: Wed, 01 Mar 2023 07:31:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame A34D
Redirect Chain

https://id5-sync.com/s/159/9.gif?callback=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D280%26axd_fuid%3D%7BID5UID%7D&puid=43211...
https://id5-sync.com/c/159/159/0/1.gif?puid=4321118274896255212&gdpr=0&gdpr_consent=&us_privacy=
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=280&axd_fuid=ID5-946f8SKqhQ-SsAJ9gMNpOoHDHbjl8BRW49GQGBj5Wg

0
302 B

174ms
159ms

Image
text/plain

185.15.245.80
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=280&axd_fuid=ID5-946f8SKqhQ-SsAJ9gMNpOoHDHbjl8BRW49GQGBj5Wg
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:40 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=280&axd_fuid=ID5-946f8SKqhQ-SsAJ9gMNpOoHDHbjl8BRW49GQGBj5Wg
date: Wed, 01 Mar 2023 07:31:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame A34D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/34ZMEAI0?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D303%26axd_fuid%3D%24%7BTM_U...
https://sync-tm.everesttech.net/ct/upi/pid/34ZMEAI0?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4321118274896255212%26axd_pid%3D303%26axd_fuid%3D%24%7BT...
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=303&axd_fuid=Y-7-WwAAATShCAAF%20&_test=Y-7-WwAAATShCAAF

0
259 B

172ms
172ms

Image
text/plain

185.15.245.80
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=303&axd_fuid=Y-7-WwAAATShCAAF%20&_test=Y-7-WwAAATShCAAF
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Protocol: H2
Server: 185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

x-served-by: cache-fty21350-FTY
pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1677655900.620954,VS0,VE0
x-cache: HIT
location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4321118274896255212&axd_pid=303&axd_fuid=Y-7-WwAAATShCAAF &_test=Y-7-WwAAATShCAAF
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 202 1.gif
dmp.theadex.com/d/1609/6436/i/ 0
42 B 160ms
159ms Image
text/plain 185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/1609/6436/i/1.gif?c=4321118274896255212&t=1&location=https%3A%2F%2Fqqel.cesajiol.com%2F&protocol=https%3A%2F%2F&date=1677655898&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client&sw=1600&sh=1200&sd=24&pd=24&saw=1600&sah=1200&vw=1600&vh=1200&pmd=A%20torta%20de%20frango%20com%20milho%20%C3%A9%20uma%20op%C3%A7%C3%A3o%20deliciosa%20para%20quem%20busca%20praticidade%20e%20sabor.%20A%20massa%20de%20liquidificador%20%C3%A9%20simples%20e%20f%C3%A1cil%20de%20fazer%2C%20leva%20poucos%20ingredientes%20e%20%C3%A9%20uma%20receita%20pr%C3%A1tica%20e%20vers%C3%A1til&pmt=Torta%20de%20Frango%20com%20milho%20-%20Super%20recheada!&r=5c839bac0545afbb678f521f2971b851&c=4321118274896255212&adex_consent=1&adex_consent_origin=https%3A%2F%2Fqqel.cesajiol.com%2F&adex_consent_hash=6Y09Ew
Requested by: Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:39 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET /
s.richaudience.com/vid//1677655897619/ Frame 6180 0
0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 239ms
118ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 07:31:40 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1AD0 42 B
404 B 238ms
86ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKrR8eWW_ZF6bLsHs7SL96PlGh9eJ2gb5iP-aSMSoCTKe0RKYXPX0LkyL3yCqW_Sv1psPCWHxXyfb2dgd7wtMPdTAu4tXdkXODyBV_3zubp-SVPRhwKtxymLjxSzT0DXq2b5I&sai=AMfl-YTfu9dEpZt0WTyRjuo6QBKNjQzB0-3Egn8pUN6j_GUHqDzPgzM51azsbgFJTImn-GMirNb6sfHrJtufG0HX3jel6oukzb5EGQbsYMl1Ci1wwcvBQLBterWIJtqHd2FQp6-omeqnSxTiOgzJ6g&sig=Cg0ArKJSzJU0vUIji9VkEAE&cid=CAQSTADUE5ymh1UWjW7p3NF_523i9-IC6dyrAlgO5hgEZ7xt1rJGz_VkqpoidMI972as50sg_LY2xhK9qGz3hAUMwcnOIVtR3J3Fw3i63vsYAQ&id=ampim&o=298,1141&d=1005,124&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=551&tls=1551&g=63.70967626571655&h=100&tt=1552&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: qqel.cesajiol.com
URL: https://qqel.cesajiol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
pub.admanmedia.com/ 2 KB
2 KB 78ms
77ms Fetch
application/json 8.2.110.31
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.admanmedia.com/?c=b&m=api&placementId=6817&domain=qqel.cesajiol.com&page=https%3A%2F%2Fqqel.cesajiol.com%2F&secure=1&language=en&gdpr_consent=&gdpr=0&waterfall=true

Requested by

Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.2.110.31 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

0a70be2d5a66d0222edcfd5f94072357ebfb1a48ededc320bb7f8a2cb427493e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 01 Mar 2023 07:31:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://qqel.cesajiol.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2109

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 220ms
88ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

557caa3d755d8e83b8a237b82a806fe388c948e485be12c621208f04626cc448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11322
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 157C 76 KB
26 KB 88ms
88ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59b45f14285c4aeadef95ddba1cb7101782bffadccd75b26815d13cad26288fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26877
x-xss-protection: 0
server: sffe
etag: "1497 / 581 of 1000 / last-modified: 1677625601"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 01 Mar 2023 07:31:40 GMT

GET
H3 200 pubads_impl_2023022301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 157C 384 KB
130 KB 72ms
68ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132695
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 09:36:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Feb 2024 20:58:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 157C 59 B
86 B 82ms
80ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=qqel.cesajiol.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b14fbc2623b30f2fd74fe3325434fc02f9cd13ef248ded753a74c1c13603d5f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
expires: Wed, 01 Mar 2023 07:31:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 93ms
90ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 07:31:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0543 13 KB
5 KB 82ms
63ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 42731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 19:39:29 GMT
expires: Wed, 28 Feb 2024 19:39:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ABC4 783 B
1 KB 345ms
86ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8aa20dd701e607fe893e8702c31bdfdc1fa234d4f460401abb9f3ea94b2a389e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QFx5R2T2mhX9lLjPlQHtpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-QFx5R2T2mhX9lLjPlQHtpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 07:31:40 GMT
expires: Wed, 01 Mar 2023 07:31:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 157C 107 B
122 B 150ms
149ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qqel.cesajiol.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 157C 471 B
241 B 143ms
142ms XHR
text/plain 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3232801672257590&correlator=507811872572606&eid=31072029%2C44785063%2C44780989&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fif&iu_parts=320365155%3A27212193%2Cf1549850d062a3fcdisplay&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C250x250%7C300x250%7C600x250%7C300x600%7C320x50%7C400x600%7C320x480%7C300x400%7C336x280%7C480x320%7C600x338%7C400x336%7C600x336&ifi=1&adks=2125912155&sfv=1-0-40&sc=1&cookie=ID%3Dca41cb2229d662e4%3AT%3D1677655897%3AS%3DALNI_MbscTdbDhybihl6ZGA0RBjhBmaPKQ&gpic=UID%3D000009c5ec63e127%3AT%3D1677655897%3ART%3D1677655897%3AS%3DALNI_MZHnn2_DK8KgWucv4OcxzBBKa_jBw&abxe=1&dt=1677655900661&lmt=1677655900&dlt=1677655900247&idt=359&adxs=484&adys=4418&biw=1600&bih=1200&isw=600&scr_x=0&scr_y=0&btvi=1&ucis=aou3a29r34hk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fqqel.cesajiol.com%2F&ref=https%3A%2F%2Fqqel.cesajiol.com%2F&top=https%3A%2F%2Fqqel.cesajiol.com%2F&frm=23&vis=1&psz=300x0&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1084524279.1677655897&ga_sid=1677655901&ga_hid=388175324&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

844e2c0e1d59305d8319ad7814dd278853e59ec2ba3622f5d7c6c2def6f8d367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://qqel.cesajiol.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 157C 15 KB
11 KB 140ms
140ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91deca0b75e434a8a8fd440dde8d9cff512ed08ffe498739c18ec0f9bea3d1cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11265
x-xss-protection: 0

GET
H2 200 container.html Show response
dfe7a8bdbf231c74b7b0adf2c69de1a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8463 6 KB
3 KB 105ms
92ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dfe7a8bdbf231c74b7b0adf2c69de1a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 07:31:40 GMT
expires: Thu, 29 Feb 2024 07:31:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0543 36 KB
14 KB 87ms
62ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:30:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 385248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 20:30:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 157C 17 KB
6 KB 99ms
92ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 07:31:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ABC4 0
0 83ms
82ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022301&jk=3947091797385913&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0543 0
10 B 66ms
66ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Kqzq8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 29D8 13 KB
5 KB 70ms
67ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 42732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 19:39:29 GMT
expires: Wed, 28 Feb 2024 19:39:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 56C2 783 B
765 B 86ms
84ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef129a28979f3731e1c5f6c83d42039488461526289dc3c1c17fe6774206f8a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GgwmUuSAIl4FiB71ukNaIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-GgwmUuSAIl4FiB71ukNaIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 07:31:41 GMT
expires: Wed, 01 Mar 2023 07:31:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 29D8 36 KB
14 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:30:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 385249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 20:30:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 56C2 0
0 83ms
82ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022301&jk=3232801672257590&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3381 15 KB
6 KB 62ms
60ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=qqel.cesajiol.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://qqel.cesajiol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 07:31:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 757637
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 230ms
114ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 07:31:41 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3381
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=cesajiol.com&sn=ChromeSyncframe&so=0&topUrl=qqel.cesajiol.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=LBMBN3xZYXVIdSs4RjR3dVQ4UFZPUDE4ZGJOWVBTSSsvTmhubWFGWDFTQWI2eDlrdTBrbUJtK3ZYMEpnZ3hxZE9EMkRzUXhmNmlHeXltVS9mL29HR1BONGw0ajJXT3lMQ0ptbkwvcVpiMkFTVlJLcENqNEU4WWdpVTFib2...

433 B
652 B

186ms
60ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LBMBN3xZYXVIdSs4RjR3dVQ4UFZPUDE4ZGJOWVBTSSsvTmhubWFGWDFTQWI2eDlrdTBrbUJtK3ZYMEpnZ3hxZE9EMkRzUXhmNmlHeXltVS9mL29HR1BONGw0ajJXT3lMQ0ptbkwvcVpiMkFTVlJLcENqNEU4WWdpVTFib2IwOElGbzA0WE5PMjFpTGwrRUVRaXpMM1FzMnRLcWtLeldwQUtteElpU3pHQk5jV2I2TXJHZFB6anFvZW9GbVdxMmdNZWhmdGszWXZCOXg1Zk9vdEhQenRjMFozOUt2OXUrVTE1aHlMU0s0aWxhRk1wVjZtbXR6RXBuMCtVOVhaZE5CajVNSE9aNXZMbytjb1UrWEtYRHJXbDQyQ3pvUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6f9b6fc643153cca46a9ac3ca361b1308b112a2b473a51a7f070b3c518adc810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2487636
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Mar 2023 07:31:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=LBMBN3xZYXVIdSs4RjR3dVQ4UFZPUDE4ZGJOWVBTSSsvTmhubWFGWDFTQWI2eDlrdTBrbUJtK3ZYMEpnZ3hxZE9EMkRzUXhmNmlHeXltVS9mL29HR1BONGw0ajJXT3lMQ0ptbkwvcVpiMkFTVlJLcENqNEU4WWdpVTFib2IwOElGbzA0WE5PMjFpTGwrRUVRaXpMM1FzMnRLcWtLeldwQUtteElpU3pHQk5jV2I2TXJHZFB6anFvZW9GbVdxMmdNZWhmdGszWXZCOXg1Zk9vdEhQenRjMFozOUt2OXUrVTE1aHlMU0s0aWxhRk1wVjZtbXR6RXBuMCtVOVhaZE5CajVNSE9aNXZMbytjb1UrWEtYRHJXbDQyQ3pvUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 499594
content-length: 0
expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 29D8 0
10 B 66ms
65ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?r1dqfw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:31:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 85ms
84ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022301&jk=3947091797385913&bg=!bm2lbTnNAAbK-VRH6vk7ADkAdvg8WkXIoL5pLxyCCbtj4nkzEp073JTQTdqfnKdME6yXP4sQObnh-Kswg8Ggf3IwUWRiAWB44ZQCAAAAolIAAAAEaAEHCgCVRK9AKzYYsKrEPsvQ9vkn1iF2vM4n63CBcln23OgN2N69TGPO1CImW3P45V9b9EDziKl7cMvDWGaswAGTrVARS7y8G4MvaqqMpSxN_nIVgzy4i8hXAzk3ugGYgVA-bCVKPLficiVXHv6N0rO51BGYcbFyzB1HWNp2Uhxox1rvPJLaTEF9U0n8pdpfteuz0kMdfikQxUWZArCsry2zCYpnC-cwkO3dWu7Org0FTo3EvkGIJYr-8-B0nalSSySbUZ1jLws-6eHjOM8Dq4OCnUWUhgQRyCdjAalSgdxFrf79IdHbxFa74OqdCz7ER4pA64iDxz21hKvGdhH4kqSYkKo_hwghL_67MKmQtee22JahPja22MSbclgTpUt30YdFpGhyUqQr0-0oveTwn3kIQbej2y3g4B4BZS7RgznlKHqZ7-bm_SlTurHSivk4kYTMCs80iCdQyhes-yT-wlwr98EeHHCLU84w32OGeGfBlF_RfF__-8qAP7qd7a3-Gk-Xm3d05vWTZjspwaVSofaTsiYYgFBU_pD20JzlKMMMLg_RMjHpxt4hg-6EQCWirhOQabZHeeERktTsUFE4FVJXz3TYYRkwqtVIP3eFykos5Hf9QZnPkWQHQyKMJ0CTfMzFJl_g4afSTCJWGT8Hm9GiZrPfrGPSUjPCtLMENPxx4fzgHrXZP0yI8AsGSmIqkjoowq1YPJ97t6YVPRyByQeWnA5QwsjNxhRx38Ibjwhg-Jj_faYzW_jC52MRWrW9igV5t2sJ2vfOKTMdhaSvQLjUUpCWvDshCDEt5icsWsw8wPyaOpgt4kgFE7YvfQpraQaDEf8wiMZPbNdC_e8zXK0XcIuSyfUkmbZF2BfoOBpBWlVD7AcCoND_esPjgV1StaoxVDzrGq2mln5xwsoTvcyh3UQLwHlA7gdRxtUvvKC7-8WVxMUxyHk_9brAiMb4AyewveoZklsq7fRNbuW-MJLlusYYJ2D2Kd99icdWefVaRQM4tA5bNgx1hpQvpP_Cq21WzXXecBk8S4-8EM_3OU4SX1Q80iwGsmMMyegaiSAFgu5HCMyNgxAuBuW5IOGHeO6wEvhidnFCCyo57ISmx2PaPhDueVFoExVaS8ls
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 157C 0
0 85ms
85ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022301&jk=3232801672257590&bg=!NTalNmLNAAbK-VRH6vk7ADkAdvg8WtVzOCk6qcvJgT-EpOSLaJ5nMxBhv4dCHyIyjUDEqd4KwbYJc6hz11Mg2fnyQYxoGRnwq-sCAAAAt1IAAAADaAEHCgA_oTV4vgz77QyYOlq9LPHE9OBstSiA_c9zk5vHjKzrynSJTy_IgINpdQugYSWBk8QHGCgXUVroHnoIFHy40cTImQKwz2uMcyk9e-to0JK6lNgCedo69OTxTYvYK01nmBwPF2lmYwHmkPEAhZAQxB51eyg0FBO5IXggVKteHo46QKS0KdEYqHgVaQBhh5PIV4AFkqA7svDeaEZ4wB96sCX3qFMnsopM5aMEElUvg966rzURvy4SaoRdeiu5BDbQAx4s30NYOVRQ6x3QOQmsE5GXNJh2wjYrvRtUDy_oEwoi_CyX7Wq2CdjktTDPYRM9RQ0-Ti4EkqMi5kKnEOwxolzCoABZl7DYO2NDFRIaRyV5e5kxIkpBkZrW5j1xEinT_tMucwXVbIi8uvE7MGYYCKacRgzKaDcV3HR6IOig_KPF5E6cnaquFBqPmOxT-ndKeCW77iPa-HZJUC1VAO30aZiynSfXO-pWdMDuS7JkMgv3KD_lW77Bl2zX83-aPBvNZKfYWECEmLxjRuAaJF5t_qObr_xN9934E1AjrOC3Dsa06gbv0QxFZIDun5VozfFAm6N5KoZtLqTql9qoAraSF3-vgzSLFzTDZGtXQCeXaDkRIsVXwmO4dAreeamqBzErTR-tBhjLkQm2ZvrdHfWhLyUGbUgse6tCdb0AMdbymZxHHJal2P2cS03Vyxi81QgMOPQ22DtSDBECQRIx6CUF2pEqVwWn9bt7krwPZ2yYfwrng0JIsR1noAgulpFz_iU3Fc9Zk5rwMSj_XteWsnAKQx83iYafLUr9MaKbZDN6JQ_rwLuMFTHbg3-j7FJr5SPaAi0skcpuUrefTnn4ks5IiyrZCiTdt_xAr0E2m8Vin5VxWFOUtdZlsykaDTKL8YhKAgjFquN85fmyhKINNoyLo2iQY47CMTJ3bJnMQbB1OHoDL-hHDL1szXNL5_-ytuMSwqJDnMdBi9iy8lQbmz8T0x7GSbGxY8bxMJj5o31GIU-7RD6Ojw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qqel.cesajiol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET t.js
fantoly.com/ Frame 6AAF 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/fonts/Catamaran-regular/Catamaran-regular.woff2

Domain: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/fonts/Catamaran-700/Catamaran-700.woff2

Domain: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/fonts/Catamaran-300/Catamaran-300.woff2

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lepd07uo&c=7808168780449&slotId=3904084390224.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lepd0860&c=7808168780449&slotId=3904084390224.5&uet=2&ghmsh_eids=44748969%2C44765701%2C44773332%2C44777649%2C44781753%2C44782991%2C44783708

Domain: s.richaudience.com
URL: https://s.richaudience.com/vid//1677655897619/?mref=https%3A%2F%2Fqqel.cesajiol.com%2F&consentString=

Domain: s.richaudience.com
URL: https://s.richaudience.com/vid//1677655897619/?mref=https%3A%2F%2Fqqel.cesajiol.com%2F&consentString=

Domain: fantoly.com
URL: https://fantoly.com/t.js?i=c874wte83omk5fbxowd0k&cb=1820401677655904132

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qqel.cesajiol.com/	1970-01-20 10:45:34	Name: _subid Value: 3pno8md1t5q8e
qqel.cesajiol.com/	1970-01-20 19:36:55	Name: 05709 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEyODU0NFwiOjE2Nzc2NTU4OTV9LFwiY2FtcGFpZ25zXCI6e1wiNTczODhcIjoxNjc3NjU1ODk1fSxcInRpbWVcIjoxNjc3NjU1ODk1fSJ9.b_bUsWxAQ9f-aD2OfeymGLWg861ZRdLsB9VUJJK7MWo
.cesajiol.com/	1970-01-20 19:36:55	Name: _ga Value: GA1.2.1084524279.1677655897
.cesajiol.com/	1970-01-20 10:02:22	Name: _gid Value: GA1.2.1413498369.1677655897
.cesajiol.com/	1970-01-20 10:00:55	Name: _gat Value: 1
.rubiconproject.com/	1970-01-20 18:46:31	Name: khaos Value: LEPD070H-Y-5J8U
qqel.cesajiol.com/	1969-12-31 23:59:59	Name: TAPAD Value: %7B%22id%22%3A%22410692c7-90e0-4b15-852e-7bfeed0814a7%22%7D
.cesajiol.com/	1970-01-20 10:00:55	Name: lotame_domain_check Value: cesajiol.com
.tapad.com/	1970-01-20 11:27:19	Name: TapAd_TS Value: 1677655897712
.tapad.com/	1970-01-20 11:27:19	Name: TapAd_DID Value: b7380467-7e2e-48ab-b7c3-f87f9859a326
.admanmedia.com/	1970-01-20 18:46:31	Name: admtr Value: 4c4cf780-8980-4383-84e5-1e768c58841f
.crwdcntrl.net/	1970-01-20 16:29:42	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 16:29:42	Name: _cc_id Value: 35c0f06ae6ab4b51465d9506f540c387
.cesajiol.com/	1970-01-20 16:29:43	Name: _cc_id Value: 35c0f06ae6ab4b51465d9506f540c387
.cesajiol.com/	1970-01-20 10:02:22	Name: panoramaId_expiry Value: 1677742297815
.bidswitch.net/	1970-01-20 18:46:31	Name: tuuid Value: 472247f4-31d3-45db-b8c3-b585a2f84572
.bidswitch.net/	1970-01-20 18:46:31	Name: c Value: 1677655897
.acuityplatform.com/	1970-01-20 18:46:31	Name: auid Value: 749222982334
.acuityplatform.com/	1970-01-20 18:46:31	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTM0+o11c2VyTWF0Y2hpbmdJZCQEjJFsYXN0RHJvcFRpbWVNaWxsaXMlAUMnAlc7oJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQFDJwJXO6CPdGhpcmRQYXJ0eVVzZXJJZGM0YzRjZjc4MC04OTgwLTQzODMtODRlNS0xZTc2OGM1ODg0MWb7+4Z2ZXJzaW9uwvs="
.spotxchange.com/	1970-01-20 10:41:15	Name: audience Value: 1a0a6a7a-b803-11ed-8c85-1a8a1b120103
.adsrvr.org/	1970-01-20 18:47:58	Name: TDID Value: 1ca22d85-a644-4e66-8f3f-1e0f170dc8d0
.mathtag.com/	1970-01-20 19:26:51	Name: uuid Value: 797363fe-ff5a-4d00-a701-40dbf1f2bf2a
.pubmatic.com/	1970-01-20 10:02:22	Name: KTPCACOOKIE Value: YES
.adnxs.com/	1970-01-20 12:10:31	Name: uuid2 Value: 8721401424237650012
.admanmedia.com/	1970-01-20 10:21:05	Name: ac_r Value: CS5
.bidswitch.net/	1970-01-20 18:46:31	Name: tuuid_lu Value: 1677655898
.pubmatic.com/	1970-01-20 12:10:31	Name: SyncRTB3 Value: 1678838400%3A220
.pubmatic.com/	1970-01-20 18:46:31	Name: KADUSERCOOKIE Value: 2FBA8A64-B156-4CFE-B8E0-524E1D2B6A16
.tapad.com/	1970-01-20 11:27:19	Name: TapAd_3WAY_SYNCS Value:
.yahoo.com/	1970-01-20 18:46:53	Name: A3 Value: d=AQABBFr__mMCECKfL7FWnrUtXBVXFyX6bdYFEgEBAQFQAGQIZAAAAAAA_eMAAA&S=AQAAAqlA5D6Kjmm9LYgGXxhwxM0
.rlcdn.com/	1970-01-20 18:46:31	Name: rlas3 Value: xehXXggG9x6lKV9e29/kP5+yylrV/3FC0Ixk5UdEJgY=
.theadex.com/	1970-01-20 12:10:31	Name: axd Value: 4321118274896255212
.rlcdn.com/	1970-01-20 11:27:19	Name: pxrc Value: CNr++58GEgUI6AcQABIFCOhHEAA=
.smartadserver.com/	1970-01-20 19:31:10	Name: pid Value: 7274724299680949077
.cesajiol.com/	1970-01-20 19:22:31	Name: __gads Value: ID=ca41cb2229d662e4:T=1677655897:S=ALNI_MbscTdbDhybihl6ZGA0RBjhBmaPKQ
.cesajiol.com/	1970-01-20 19:22:31	Name: __gpi Value: UID=000009c5ec63e127:T=1677655897:RT=1677655897:S=ALNI_MZHnn2_DK8KgWucv4OcxzBBKa_jBw
.richaudience.com/	1970-01-20 10:44:07	Name: pdid Value: 5f114033-26cf-4988-aaf9-1zz1677655898
.pippio.com/	1970-01-20 18:46:31	Name: did Value: r-ewiQu7eczCjtA4
.pippio.com/	1970-01-20 18:46:31	Name: didts Value: 1677655898
.pippio.com/	1970-01-20 11:27:19	Name: nnls Value:
.pippio.com/	1970-01-20 11:27:19	Name: pxrc Value: CNr++58GEgYIgr0rEAA=
.richaudience.com/	1970-01-20 10:00:55	Name: cmpsync Value: 1
qqel.cesajiol.com/	1970-01-20 12:10:31	Name: axd Value: 4321118274896255212
.linkedin.com/	1970-01-20 12:10:31	Name: li_sugr Value: f6bd7c91-8181-453f-930d-13ae24dfb168
.linkedin.com/	1970-01-20 18:46:31	Name: bcookie Value: "v=2&19ed301a-5b8f-4cbc-8526-818ac87f0c6c"
.linkedin.com/	1970-01-20 10:02:22	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2962:u=1:x=1:i=1677655898:t=1677742298:v=2:sig=AQEsHV-T6Qq9ge4F7o8x_L67ddi8oj_e"
.doubleclick.net/	1970-01-20 19:36:55	Name: IDE Value: AHWqTUncU1PvCeHz2kXsScRSPZUMmu2Yil90-AzLWCXhvc1TTY0PlpCqOFHEQKnsyC4
.zeotap.com/	1970-01-20 18:46:31	Name: zc Value: b15827ab-63f8-413d-5196-0e757d1fa6ac
.zeotap.com/	1970-01-20 10:02:22	Name: zsc Value: %FA%D2%06m%3C%DCJ%91wS%1E%1F%60%D2%DA%2B%90S%86wk%0E%84%A4%AC%BA%FF%124%F1%E1%0FF%F6i%91%1FM%22%D5%B2%C3%EF%7C%C1%99Rj%B4z%3A%7D~%3F%3E%E0C%BCL%F2%A2%7Cp%16%E3%DFE%B7V%DE%86%EF%C0%22%F4%27%DE%C1%2F%FF%85_Y%00%B2
.pubmatic.com/	1970-01-20 10:02:22	Name: pi Value: 157362:3
.pubmatic.com/	1970-01-20 12:10:31	Name: chkChromeAb67Sec Value: 2
.richaudience.com/	1970-01-20 12:10:31	Name: avcid-apn-uid Value: 8721401424237650012
.richaudience.com/	1970-01-20 12:10:31	Name: avcid-zeo-uid Value: b15827ab-63f8-413d-5196-0e757d1fa6ac
qqel.cesajiol.com/	1970-01-20 12:10:31	Name: tis Value:
.adsrvr.org/	1970-01-20 18:47:58	Name: TDCPM Value: CAESFAoFdGFwYWQSCwio7LbooIzNOxAFGAEgASgCMgsIkJHbobeMzTsQBTgBWgd0aGVhZGV4YAI.
.smartadserver.com/	1970-01-20 18:47:58	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 18:47:58	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.demdex.net/	1970-01-20 14:20:07	Name: demdex Value: 32340966325073532160721081448658767834
.creative-serving.com/	1970-01-20 19:22:31	Name: tuuid Value: c251008d-2395-452c-9928-5a0ac4b67532
.eyeota.net/	1970-01-20 18:47:58	Name: mako_uid Value: 1869c157d34-1b210000010a4a02
.eyeota.net/	1970-01-20 10:00:56	Name: SERVERID Value: 18946~DM
.rubiconproject.com/	1970-01-20 18:46:31	Name: audit Value: 1\|mFVHqHkj5bENpQMU4lyVKqS5Bv7H1ouoxdnNVF8ci14/zEcxEJCkqTmyPJg3vZzZ9CvVgdtJYsuC36apK4Y6zMBQn6AvuCLFcjK/1p4zD+MdOKW1qRBjyg==
.dpm.demdex.net/	1970-01-20 14:20:07	Name: dpm Value: 32340966325073532160721081448658767834
.everesttech.net/	1970-01-20 18:46:31	Name: everest_g_v2 Value: g_surferid~Y-7-WwAAATShCAAF
.adform.net/	1970-01-20 10:45:34	Name: C Value: 1
.analytics.yahoo.com/	1970-01-20 18:46:31	Name: IDSYNC Value: 199w~2a9j
.adform.net/	1970-01-20 11:27:19	Name: uid Value: 5492445682907216564
.id5-sync.com/	1970-01-20 10:00:56	Name: cf Value:
.id5-sync.com/	1970-01-20 10:00:56	Name: cip Value:
.id5-sync.com/	1970-01-20 10:00:56	Name: cnac Value:
.id5-sync.com/	1970-01-20 10:00:56	Name: car Value:
.id5-sync.com/	1970-01-20 10:00:56	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:10:31	Name: id5 Value: 36c5cd79-0c64-7850-a366-bb77c3f5a1df#1677655899782#2
.id5-sync.com/	1970-01-20 12:10:31	Name: 3pi Value: 159#1677655899936#-1499295871
.id5-sync.com/	1970-01-20 10:00:56	Name: callback Value:
.theadex.com/	1970-01-20 10:11:00	Name: tis_cxj Value: cxjeBIo2Aoo2hAKKNsIBijYEijbMAYo2EIo2FIo2NIo2Koo2GIo2sASKNg
.criteo.com/	1970-01-20 19:22:31	Name: uid Value: 4aa33e9c-89e3-47aa-a77d-1db899e65e81
.cesajiol.com/	1970-01-20 19:22:31	Name: cto_bundle Value: H4MyGl9rMnkyeGlGbW1hNUhNVXJxOUl5NXh3b3Q0SiUyQkdSVUp0YSUyRlVSZDgwU0l0b012ZCUyRnFTVUlWY0hUUkxFMjNqJTJCeVlEWGFZTDFmTVpjSXE1NkRtR3lRZGFKOGxIeWJ4cEU4UnRJcVY0R0F1TlhQYUNkelY3VjVMZjVHOWJya0FRZEdFcTd4bmpMaGNET3JYUDM5VHdlTWRKQSUzRCUzRA

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://qqel.cesajiol.com/ Message: Access to font at 'https://cdn.tudoreceitas.com/fonts/Catamaran-regular/Catamaran-regular.woff2' from origin 'https://qqel.cesajiol.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.tudoreceitas.com/fonts/Catamaran-regular/Catamaran-regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://qqel.cesajiol.com/ Message: Access to font at 'https://cdn.tudoreceitas.com/fonts/Catamaran-300/Catamaran-300.woff2' from origin 'https://qqel.cesajiol.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.tudoreceitas.com/fonts/Catamaran-300/Catamaran-300.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://qqel.cesajiol.com/ Message: Access to font at 'https://cdn.tudoreceitas.com/fonts/Catamaran-700/Catamaran-700.woff2' from origin 'https://qqel.cesajiol.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.tudoreceitas.com/fonts/Catamaran-700/Catamaran-700.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.tudoreceitas.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 467) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 467) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
javascript	error	URL: https://imasdk.googleapis.com/js/core/bridge3.558.0_en.html#goog_67448159 Message: Access to XMLHttpRequest at 'https://s.richaudience.com/vid//1677655897619/?mref=https%3A%2F%2Fqqel.cesajiol.com%2F&consentString=' from origin 'https://imasdk.googleapis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://s.richaudience.com/vid//1677655897619/?mref=https%3A%2F%2Fqqel.cesajiol.com%2F&consentString= Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://imasdk.googleapis.com/js/core/bridge3.558.0_en.html#goog_67448159 Message: Access to XMLHttpRequest at 'https://s.richaudience.com/vid//1677655897619/?mref=https%3A%2F%2Fqqel.cesajiol.com%2F&consentString=' from origin 'https://imasdk.googleapis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://s.richaudience.com/vid//1677655897619/?mref=https%3A%2F%2Fqqel.cesajiol.com%2F&consentString= Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

94b4842e4bdfc3a6e55653ffd0d35471.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
ads.creative-serving.com
adservice.google.com
api.theadex.com
assets.pinterest.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn-statics.admanmedia.com
cdn.ampproject.org
cdn.taboola.com
cdn.tudoreceitas.com
cdn0.tudoreceitas.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cs.admanmedia.com
csi.gstatic.com
dfe7a8bdbf231c74b7b0adf2c69de1a7.safeframe.googlesyndication.com
dmp.theadex.com
dpm.demdex.net
eus.rubiconproject.com
fantoly.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
log.pinterest.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
pippio.com
pixel.mathtag.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
pub.admanmedia.com
pubads.g.doubleclick.net
px.ads.linkedin.com
qqel.cesajiol.com
s.richaudience.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssbsync.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.admanmedia.com
sync.e-planning.net
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ums.acuityplatform.com
ups.analytics.yahoo.com
usersync.gumgum.com
www.google-analytics.com
www.google.com
www.tudoreceitas.com
x.bidswitch.net
cdn.tudoreceitas.com
csi.gstatic.com
fantoly.com
s.richaudience.com
107.178.254.65
108.138.105.32
108.138.128.34
141.226.224.48
142.251.40.98
143.204.144.76
151.101.193.44
151.101.2.49
151.101.64.84
162.19.138.117
162.248.18.37
168.119.149.178
172.98.26.246
173.223.56.249
18.207.57.90
185.15.245.80
185.15.245.82
185.167.164.43
192.35.249.138
199.187.193.181
199.187.193.182
216.200.232.249
23.3.115.102
23.66.193.23
2600:141b:13:785::1931
2600:1f18:4e9:5a07:d5b4:f192:17b5:1772
2602:803:c002:200::52
2606:4700:10::ac43:db6
2606:4700:3034::ac43:dd90
2606:4700:3036::6815:190f
2607:f8b0:4004:c1d::9b
2607:f8b0:4006:806::200a
2607:f8b0:4006:809::2001
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:81c::2006
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2002
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:1ec:21::14
2a02:6ea0:c400::11
2a02:6ea0:c400::12
3.213.224.199
3.232.64.79
34.102.243.38
34.111.113.62
35.190.60.146
35.211.178.172
35.241.45.217
52.21.186.137
52.223.40.198
52.45.33.138
54.83.15.219
68.67.160.186
68.67.161.182
69.90.254.78
74.119.119.139
75.2.45.24
76.13.32.147
8.2.110.24
8.2.110.31
8.28.7.81
8.28.7.82
8.28.7.84
8.43.72.98
80.77.87.162
0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fdbc83bc184320290713f3989d6d3cd9bca70d213d1c1e71ab3e9ee80a6a49
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0a70be2d5a66d0222edcfd5f94072357ebfb1a48ededc320bb7f8a2cb427493e
1890d415ac827e8aead740f82ea2d755bcf99e633ce77e52a256991305304ef4
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1c0453d35fc761f165a6460e1c56b85214786aeb8a11e3c0068dd70b2854f53b
1cc925dfa2049d93b2a99f5b6b6025666de826479d8848d1d1fd5406f07c150a
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
230384701c004a306ac4968f841dfb024d89f39bcaa45d9986dce72250039d89
23f768d4ab889193f108749db669e9e00c3831b65bcc13ae9ce2472212055232
24434c0b64a02710885ca0978d684eccff4e3de5238ad6235c4fe5b6135bff6a
2705f033520e1236ff6f884149000364483f5c810dd60bdad565a97138edbf79
2c7a8494fcaa9a81f7cebf6d4189f8b62eeaf0a858aac70c4f646450ecb70ca0
2dae7df42d459fe426ad90dac397df2c5bf7863457cba4c8991b13d73be856c0
2e51ac12c8b522ed90a95ff61de814e3a6dcfbb3e87c555459e9b670bd06ea03
2faa27a0a4c49644174845ad4f0471008bc7f6b3b35013e7dc9e321f8276af07
32fbd500d74702319fd3db2c3327a8fb798adb44589ab8e94f911247bba481da
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9
3d882e2127733190431c42f0080c83294fd9bf7cf151bdecd0fcdaf6fc485a99
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef3bf5cd2001b3d0fe22781e9fcbfe840aadef9ae3631173d0451356dc7123a
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
43819a0959568c295808f7f6ee23674b6c5f032706b4e2a59819522ff59f550c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4856b97dee27faa128f4f8a747517ba6fd6aea766f002850127c9eb07e74cb34
4c4dd9da85d2c579e92c0691d3f4087ef986a96e8ae041c00bd2ad5e659fe168
52cd4f924b7fbfed6999e8bc53705503b618e01689ce67943ee32a4a3ce03506
557caa3d755d8e83b8a237b82a806fe388c948e485be12c621208f04626cc448
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59b45f14285c4aeadef95ddba1cb7101782bffadccd75b26815d13cad26288fd
5ac3fbdd02c33b8389f57c4b1aa47d416b81399cf056f27433d711099d6d78b4
5ce1d7a2f02c3b2ab50e549c12c75686d5fed9370844ade4692d6f5f5d5dd923
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aea536ea3e5fd5ece17b6a1db7a3022b4bbe3a33bd2890c9116105437e819e5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e8f128b01ba68dcfdc212758efdd805fa0a38585cf781400bddd050dc27dc35
6f9b6fc643153cca46a9ac3ca361b1308b112a2b473a51a7f070b3c518adc810
6fcd616b15d8de71bbe34b63e0ede039067d3aa561e29df4514d59a036fcb322
70903ce61eca5ff9ac7f18943c0e9ed2482fbd5c1017308b936e1fdf186093ae
72b939603335ab51e59f11daf0f9e6bef4dd1b7bf8d371cebabe0036763796e0
731f13bd859ad5c054adba1d51262daaad1a35a47334b191748033504b298fb1
73ea15885cc5fb0887a4fb1528e4d62b4e15840d1f97b3da8e674c07ba17ba49
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75fb77de27c51cfe55196d2cd5865e58629f449f9792e16d329524b02bd6d867
78604ce54331fd308e90d992e81e3fb8f53d5db63f0d58e45f2a5b1ace6fbe3c
7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73
7f6bb4b03a78640219127af6919938631175b162fd6801a35cdfe0ace3e41d73
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
844e2c0e1d59305d8319ad7814dd278853e59ec2ba3622f5d7c6c2def6f8d367
8794ee905830304cbb023123a61c3a5adbf4f986dd446ae63adaf187cc08d679
8aa20dd701e607fe893e8702c31bdfdc1fa234d4f460401abb9f3ea94b2a389e
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d9704574ba49323dfbad263ce4233f5bad0d9354ceeb0753e0b87092840c712
8e0336810f6b3552a253f6baada3910e5e6b1cdd7dd9ca11d1b0740bbe923350
91deca0b75e434a8a8fd440dde8d9cff512ed08ffe498739c18ec0f9bea3d1cf
9238bf145c9848c481b60d6b893b3c922d2bc0b8be22d919a346c2337e899352
9f178d38ac50c5f79ef50a59ce4ae84275c9e7fe50b3bbf36907ea59f27df9fa
9fb2bdadba316568cc932b39ee9ec7150d834c380d4c971e640938a345ada602
a3b024f9e1fdff3d5059ac0c6318d88c2df3100d7d3158de859ab783d8cc79ec
a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c500adc63f0765f286343df3eb3d01ad223ebf6cc692a6167174f856207512
a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461
a823ec455738fd0d3ae5ee39cedc02d52ce4bed9db1c01b99e98c15d6e2760e9
abe120da98f61261cd1cfb4095272c74ca111dbc83cb88d1332748b04a22555b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b14fbc2623b30f2fd74fe3325434fc02f9cd13ef248ded753a74c1c13603d5f6
b7252c7eaf5c2a2deb5a7d7f20758d1a9f326dcdf022f9a76325a79bd6a842f7
b795d2e1c78f871dcd1f39441295cc724fb9809f54f694829642076fc4232a41
cff90f70dba12ef23c1f00bb5647600735792742c32a7d1a62f05d3698170290
d0a812ec28ef202fca663e618e4391f003b80ac409e13a6b3e77df11477429fc
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62
d4429ad6f10e81005ac8614cfa6fd861d329220c94dce340cd4a27af6560c463
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
e038ed997ec55194e0bc28edc588e8424109b8adfd93b65db3d7fc2056ec5f21
e3365bf35d3ea9c66850acf54130215dfb9886d8e780cb7d5513292c0b99c781
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e81cdb67cc7c818f15735876afea422ffbf1770f1258e6562f0a609dc77dca69
eb38ff2098cc22926309ef17fe90f78ac2bd298cc4864aa42adc709a49874034
ef129a28979f3731e1c5f6c83d42039488461526289dc3c1c17fe6774206f8a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f1584686b4b75a032b611b5e003d0b71edbdb440ff23dfd31078614ae1647177
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6fc500d3365c391aaf5dd9cc2487471abca87d4d9efc94e74e6c0c970520cba
fcf39d6118fda1b20004b6b9874bc2fc94b0131e92dbe7c7403fa404e80ddb5d

qqel.cesajiol.com Open in urlscan Pro 2606:4700:3036::6815:190f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

76 %HTTPS

35 %IPv6

44 Domains

79 Subdomains

48 IPs

5 Countries

2209 kBTransfer

6088 kBSize

78 Cookies

67 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qqel.cesajiol.com Open in urlscan Pro
2606:4700:3036::6815:190f Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

76 %
HTTPS

35 %
IPv6

44
Domains

79
Subdomains

48
IPs

5
Countries

2209 kB
Transfer

6088 kB
Size

78
Cookies

160 HTTP transactions
1 data transactions