controle.notisul.com.br Open in urlscan Pro
190.89.239.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://controle.notisul.com.br/
Submission: On November 16 via automatic, source certstream-suspicious (November 16th 2022, 2:06:15 am UTC) — Scanned from DE

Summary HTTP 310 Redirects Links 79 Behaviour Indicators

Summary

This website contacted 72 IPs in 13 countries across 69 domains to perform 310 HTTP transactions. The main IP is 190.89.239.42, located in Brazil and belongs to HVC-AS, US. The main domain is controle.notisul.com.br.
TLS certificate: Issued by R3 on November 16th 2022. Valid for: 3 months.

This is the only time controle.notisul.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	190.89.239.42 190.89.239.42	29802 (HVC-AS) (HVC-AS)
7	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:e79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
9	190.89.239.168 190.89.239.168	29802 (HVC-AS) (HVC-AS)
7	2606:4700::68... 2606:4700::6811:130e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700::68... 2606:4700::6812:160e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:19f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
4	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
10	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
4	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
4	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
3 8	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
20	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
3 5	3.75.15.124 3.75.15.124	16509 (AMAZON-02) (AMAZON-02)
4 26	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	44.195.94.142 44.195.94.142	14618 (AMAZON-AES) (AMAZON-AES)
1 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2 2	34.253.154.173 34.253.154.173	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
6 6	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
2 2	3.120.90.28 3.120.90.28	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	176.34.148.95 176.34.148.95	16509 (AMAZON-02) (AMAZON-02)
4 6	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1 1	124.146.215.44 124.146.215.44	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	18.159.205.223 18.159.205.223	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1 1	23.205.253.64 23.205.253.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
3	13.41.138.109 13.41.138.109	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.44 18.66.147.44	16509 (AMAZON-02) (AMAZON-02)
4	3.11.155.214 3.11.155.214	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:225... 2600:9000:2251:e600:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:2600:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.164.155.120 35.164.155.120	16509 (AMAZON-02) (AMAZON-02)
6 8	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:8dd0:5d99:1539:a931	16509 (AMAZON-02) (AMAZON-02)
2 3	52.94.223.167 52.94.223.167	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2600:9000:223... 2600:9000:223e:1200:3:748e:7940:93a1	() ()
1	2a02:26f0:350... 2a02:26f0:3500:595::2c79	() ()
5	2a02:26f0:350... 2a02:26f0:3500:58c::2c79	() ()
2	44.207.237.92 44.207.237.92	() ()
1	50.17.121.98 50.17.121.98	() ()
1	3.126.56.137 3.126.56.137	() ()
1	23.35.236.201 23.35.236.201	() ()
1	35.214.223.115 35.214.223.115	() ()
1	216.52.2.30 216.52.2.30	() ()
1	34.98.64.218 34.98.64.218	() ()
1	82.145.213.8 82.145.213.8	() ()
310	72

24 190.89.239.42 (Brazil)

ASN29802 (HVC-AS, US)
PTR: us134.serverdo.in

controle.notisul.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:e79 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 190.89.239.168 (Brazil)

ASN29802 (HVC-AS, US)
PTR: us310.serverdo.in

notisul.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:130e (United States)

ASN13335 (CLOUDFLARENET, US)

www.tempo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:160e (United States)

ASN13335 (CLOUDFLARENET, US)

tags.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19f6 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.75.15.124 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-15-124.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.184.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.94.142 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-94-142.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.154.173 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-154-173.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.200.5.215 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.90.28 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-90-28.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.148.95 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-148-95.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::90 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.44 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.205.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-205-223.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.253.64 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.41.138.109 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-138-109.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-44.fra60.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.11.155.214 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-155-214.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:e600:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2600:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.164.155.120 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-155-120.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.138 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:8dd0:5d99:1539:a931 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.167 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223e:1200:3:748e:7940:93a1 (None, )

ASN- ()

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:595::2c79 (None, )

ASN- ()

tg1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:58c::2c79 (None, )

ASN- ()

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.207.237.92 (None, )

ASN- ()

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.121.98 (None, )

ASN- ()

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (None, )

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.223.115 (None, )

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (None, )

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (None, )

ASN- ()

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, )

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 ad.doubleclick.net — Cisco Umbrella Rank: 173	196 KB
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com	329 KB
33	notisul.com.br controle.notisul.com.br notisul.com.br	698 KB
20	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28280 assets.ad4m.at — Cisco Umbrella Rank: 36321 ad4m.at — Cisco Umbrella Rank: 9541	1 MB
17	denakop.com tags.denakop.com — Cisco Umbrella Rank: 195517 cpm.denakop.com — Cisco Umbrella Rank: 204314	134 KB
14	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 209 secure.adnxs.com — Cisco Umbrella Rank: 426 acdn.adnxs.com — Cisco Umbrella Rank: 579	44 KB
14	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 439 eus.rubiconproject.com — Cisco Umbrella Rank: 541 token.rubiconproject.com — Cisco Umbrella Rank: 544 pixel.rubiconproject.com — Cisco Umbrella Rank: 307 prebid-server.rubiconproject.com Failed	16 KB
10	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
10	gstatic.com fonts.gstatic.com	215 KB
9	aniview.com tg1.aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com Failed	233 KB
9	yahoo.com 1 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 814 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416 cms.analytics.yahoo.com — Cisco Umbrella Rank: 835 ups.analytics.yahoo.com	1 KB
8	avantisvideo.com cdn.avantisvideo.com — Cisco Umbrella Rank: 22156 static.avantisvideo.com — Cisco Umbrella Rank: 22895 events1.avantisvideo.com — Cisco Umbrella Rank: 22044 cdn1.avantisvideo.com — Cisco Umbrella Rank: 26230 avm.avantisvideo.com	32 KB
7	tempo.com www.tempo.com — Cisco Umbrella Rank: 224339	56 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	6 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915 s.amazon-adsystem.com — Cisco Umbrella Rank: 279	4 KB
6	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 25235 usr.navdmp.com — Cisco Umbrella Rank: 29415 cdn.navdmp.com — Cisco Umbrella Rank: 5989 sync2.navdmp.com — Cisco Umbrella Rank: 48642 sync.navdmp.com	6 KB
6	yandex.ru 4 redirects an.yandex.ru — Cisco Umbrella Rank: 3438	1 KB
5	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 17892 api.webgains.io — Cisco Umbrella Rank: 57986	31 KB
5	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	2 KB
5	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 99097 static-de.ad4mat.net — Cisco Umbrella Rank: 135123	4 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 390 mug.criteo.com — Cisco Umbrella Rank: 2725	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	189 KB
4	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1430	2 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 45190	52 KB
3	blau.de partner.blau.de — Cisco Umbrella Rank: 106057	1 KB
3	lead-alliance.net 3 redirects www.lead-alliance.net — Cisco Umbrella Rank: 74155	1 KB
3	telefonica-partner.de 3 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 73310	934 B
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1473 u.openx.net	719 B
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 30323 ui.cleverwebserver.com — Cisco Umbrella Rank: 30427 call.cleverwebserver.com — Cisco Umbrella Rank: 31703	47 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3175 onesignal.com — Cisco Umbrella Rank: 1205	73 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 531	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 341	529 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 355	974 B
2	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6521	466 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 582	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4495	647 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 693	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 339	947 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3075	788 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 723	335 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8709	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	premiumads.com.br tags.premiumads.com.br — Cisco Umbrella Rank: 223241	122 KB
1	opera.com t.adx.opera.com	414 B
1	lijit.com ap.lijit.com
1	loopme.me csync.loopme.me
1	pubmatic.com ads.pubmatic.com image6.pubmatic.com Failed	6 KB
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 842	610 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 57421	19 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 85917	517 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15574	689 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2999	1 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 498	35 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 883	1012 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 857	498 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 8225	233 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 618	470 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11526	287 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 559	191 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 665	696 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 615	464 B
1	creativecdn.com prebid-us.creativecdn.com — Cisco Umbrella Rank: 14448	186 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	700 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	43 KB
0	1rx.io Failed tag.1rx.io Failed
0	33across.com Failed ssc-cms.33across.com Failed
0	vidoomy.com Failed vid.vidoomy.com Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	technoratimedia.com Failed sync.technoratimedia.com Failed
310	69

	Domain	Requested by
26	cm.g.doubleclick.net	4 redirects 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
24	controle.notisul.com.br	controle.notisul.com.br
21	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
13	tags.denakop.com	controle.notisul.com.br tags.denakop.com
13	pagead2.googlesyndication.com	controle.notisul.com.br pagead2.googlesyndication.com tpc.googlesyndication.com 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com www.googletagservices.com
11	securepubads.g.doubleclick.net	tags.premiumads.com.br securepubads.g.doubleclick.net controle.notisul.com.br
10	ib.adnxs.com	tags.denakop.com acdn.adnxs.com player.aniview.com
10	fonts.gstatic.com	fonts.googleapis.com
9	assets.ad4m.at	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com as.ad4m.at
9	notisul.com.br	controle.notisul.com.br
8	www.google.com	3 redirects tpc.googlesyndication.com 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
7	as.ad4m.at	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com controle.notisul.com.br as.ad4m.at ad4m.at
7	www.tempo.com	controle.notisul.com.br www.tempo.com
7	fonts.googleapis.com	controle.notisul.com.br 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
6	an.yandex.ru	4 redirects
6	c2shb.pubgw.yahoo.com	tags.denakop.com
5	player.aniview.com	tg1.aniview.com player.aniview.com
5	x.bidswitch.net	3 redirects
5	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	pixel.rubiconproject.com	2 redirects
4	token.rubiconproject.com	4 redirects
4	api.webgains.io	analytics.webgains.io
4	ad4m.at	as.ad4m.at ad4m.at
4	prod-rtb.ad4mat.net	controle.notisul.com.br
4	www.googletagservices.com	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
4	cpm.denakop.com	tags.denakop.com
4	prg.smartadserver.com	tags.denakop.com
4	fastlane.rubiconproject.com	tags.denakop.com
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	track.webgains.com	as.ad4m.at
3	partner.blau.de	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
3	www.lead-alliance.net	3 redirects
3	www.telefonica-partner.de	3 redirects
2	track1.aniview.com
2	avm.avantisvideo.com	cdn1.avantisvideo.com
2	events1.avantisvideo.com
2	tag.navdmp.com	tags.premiumads.com.br tag.navdmp.com
2	cdn.avantisvideo.com	tags.premiumads.com.br cdn.avantisvideo.com
2	eus.rubiconproject.com	tags.denakop.com eus.rubiconproject.com
2	acdn.adnxs.com	tags.denakop.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	ad.doubleclick.net	2 redirects
2	b1sync.zemanta.com	2 redirects
2	match.adsrvr.org	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
2	px.ads.linkedin.com	1 redirects
2	secure.adnxs.com	2 redirects
2	rtb2-useast.e-volution.ai	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	eb2.3lift.com	2 redirects
2	match.360yield.com	2 redirects
2	onetag-sys.com	1 redirects player.aniview.com
2	rtb.openx.net	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.onesignal.com	controle.notisul.com.br cdn.onesignal.com
2	tags.premiumads.com.br	controle.notisul.com.br tags.premiumads.com.br
1	t.adx.opera.com	player.aniview.com
1	u.openx.net	player.aniview.com
1	ap.lijit.com	player.aniview.com
1	csync.loopme.me	player.aniview.com
1	ads.pubmatic.com	player.aniview.com
1	ups.analytics.yahoo.com	player.aniview.com
1	go1.aniview.com	player.aniview.com
1	tg1.aniview.com	cdn.avantisvideo.com
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	cms.analytics.yahoo.com
1	sync.navdmp.com
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	static.avantisvideo.com	cdn.avantisvideo.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	banner.congstar.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	a.rfihub.com	1 redirects
1	match.sharethrough.com	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
1	tg.socdm.com	1 redirects
1	sync.go.sonobi.com	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
1	dsp.adkernel.com	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
1	static-de.ad4mat.net	as.ad4m.at
1	ads.yieldmo.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	pixel-sync.sitescout.com	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
1	sync.srv.stackadapt.com	1 redirects
1	cms.quantserve.com	5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
1	prebid-us.creativecdn.com	tags.denakop.com
1	call.cleverwebserver.com	controle.notisul.com.br
1	onesignal.com	cdn.onesignal.com
1	ui.cleverwebserver.com	controle.notisul.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	scripts.cleverwebserver.com	controle.notisul.com.br
1	www.googletagmanager.com	controle.notisul.com.br
0	prebid-server.rubiconproject.com Failed	player.aniview.com
0	tag.1rx.io Failed	player.aniview.com
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	ssc-cms.33across.com Failed	player.aniview.com
0	vid.vidoomy.com Failed	player.aniview.com
0	bh.contextweb.com Failed	player.aniview.com
0	sync.aniview.com Failed	player.aniview.com
0	sync.technoratimedia.com Failed	player.aniview.com
310	110

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
notisul.com.br
accounts.serverdo.in
instagram.com

Subject Issuer	Validity	Valid
controle.notisul.com.br R3	`2022-11-16` - `2023-02-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
notisul.com.br R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
denakop.com Cloudflare Inc ECC CA-3	`2022-11-14` - `2023-11-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2022-09-06` - `2023-09-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.avantisvideo.com Amazon	`2022-10-24` - `2023-11-21`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
loopme.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://controle.notisul.com.br/
Frame ID: B1DE10BEA746A2CFDE9832A9F80503FA
Requests: 132 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 2B7F7433B01019B23111CD05AB791CB8
Requests: 1 HTTP requests in this frame

Frame: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Frame ID: 4EFBB467756CE139EAEF0770364A6433
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&adk=1812271804&adf=3025194257&lmt=1668564368&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fcontrole.notisul.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668564368061&bpp=12&bdt=934&idt=186&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7748028970186&frm=20&pv=2&ga_vid=1174004212.1668564368&ga_sid=1668564368&ga_hid=1303981035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C42531705%2C44777506%2C31070969%2C44770881&oid=2&pvsid=262751075516039&tmod=81056725&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=275
Frame ID: 9409C8C1F16B6F514BD8C190FDBC2BD9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C96A8AE3B402A33E8F197D2847073978
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CE2534C221C50C34441DE34612D938B
Requests: 2 HTTP requests in this frame

Frame: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BFD5A27501282F4F11DEBBBC7438C964
Requests: 1 HTTP requests in this frame

Frame: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C4B524EDB3B8255D5145B23DA72558C0
Requests: 21 HTTP requests in this frame

Frame: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9996B477C9ED97C2C8DFCBB320D803AB
Requests: 20 HTTP requests in this frame

Frame: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C673B5B5165BAF6CB48C9371C77A40FE
Requests: 10 HTTP requests in this frame

Frame: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8A6DC143F054536B2DCCABAAEF10759
Requests: 21 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hz8kzabswngvt943v2k4wmtxv0xykb6yseszygxps3vrm9vdcng7j2x1zjdthm6sxjqtj30t8nsj0t4rc5ktg77d30dj79m5bf9ttghz12zqe14anc8yw85bsk9xcbsknw50bx5b2ewn25v1qshzkqtff1yg3n38ke118th64sw75czmt6gtqfw77ysw9gamyznrvqj88fgkt3es0x9d163p5wera7ca2hhty0en2tfa5ckz53y2t3vcmxg3a23qvyf5z19dayqebw6jstptbwgbaq7kmjeyr1gsfjv98929t7z35tr6qhcgkkxd3kdcv34mt5zzs9c5c6vp2ecvj8fpefkpb40m9p1gm4s7p03wrsd2vhfw2f6bs4fnctrrqary63zpzkbgqqq611b0ba2faprh4062cbp062ch88009gs4w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%26client%3Dca-pub-8170966538152543%26adurl%3D
Frame ID: 0B41E74BAA2E1955DEE0B5804E03059C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AFFC7FC5F36C802F2F2F0C96ADD95DCE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 29BB4E8A0FD6BBFDA3FC3229F3BC5CAE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7D22C8FAD6AB77EF4C4277CAF45BE645
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C8D9D7D6D8B065D07FF451001E8E8946
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11B241B18537747D9D88A850E625EB36
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2E58728AE1F3B5DC5F20CD4D189DE910
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9B2FE644AF9B3B35B807CF469A207C56
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9B69BB698B735B0A7D5B10A696C8ABD1
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Frame ID: 3CD0279DB578D9B04513F0AD49DFF863
Requests: 16 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C445E73A1F56B7BAADA1468C90EB4B3D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 03D820841ADDF02DC6F395B751410EA9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 52BD0F84A48D2FFC3090FD6C121A6DD3
Requests: 10 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 3F8984E8BC7FBDA07A5342EBF519B177
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Frame ID: B94F41240B0E16DD0964A83B50F03F11
Requests: 4 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 00C362691F6CD727F89424B191430170
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1668564375096-959030016586-006362-011-005385&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 4E8E561A04D501114A11D3A47A02E997
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1668564375096-959030016586-006362-011-005385&biddername=200&key=OPTOUT
Frame ID: 3DE65CE39B6404B4F5A0EBC4674D937A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D1%26key%3D
Frame ID: 5B28665AC284C7ACC12C0959819D43EB
Requests: 2 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D
Frame ID: 6122E8CF5AA2007C365976B2230ED1EB
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D18%26key%3D%24UID
Frame ID: 88B5569E78952D26A1F7373A22BA9355
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D23%26key%3D
Frame ID: 8451C6C20A5352CBDAF0B174CE09B42F
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25
Frame ID: 01AF2AF2C93E76723C13F51B7C29C731
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: EFDF06C0E70CAA7434B563C83393BACC
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Frame ID: 2E08FC186FED887E330E6D81CC19CD47
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Frame ID: 12BC5CD8B2FCEF40B17D95952CFFE364
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1668564375096-959030016586-006362-011-005385&biddername=105&pid=59c9148628a0612da3689288&key=48acbb0d-f4c0-45e6-a153-0f9d3f7b9aca&gdpr=1&gdpr_consent=&us_privacy=
Frame ID: 17D7123EA6B13104F96520EDB941046A
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002egIVcAAM&us_privacy=1---&ru=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D104%26pid%3D59c9148628a0612da3689288%26key%3D33XUSERID33X
Frame ID: C866D8A6935224CC2D16FD5C4D869544
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Página inicial - Notisul

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

310
Requests

87 %
HTTPS

39 %
IPv6

69
Domains

110
Subdomains

72
IPs

13
Countries

3620 kB
Transfer

8903 kB
Size

56
Cookies

79 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/notisul/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/notisul/

Search URL Search Domain Scan URL

URL: https://twitter.com/jornalnotisul

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0Q-3cS6YOYpVBCtJzEN66Q

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/
Title: Colunistas

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/a-hora-do-emprego-fernando-rodrigues/
Title: A Hora do Emprego – Fernando Rodrigues

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/agencia-de-inovacao-e-empreendedorismo-da-unisul-agetec/
Title: Agência de Inovação e Empreendedorismo da Unisul – AGETEC

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/arquitetura-criativa-jorge-henrique-de-souza/
Title: Arquitetura Criativa – Jorge Henrique de Souza

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/autoconhecimento-e-proposito-juliana-mendes/
Title: Autoconhecimento e Propósito – Juliana Mendes

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/de-hoje-em-diante-daniel-de-luca/
Title: De hoje em diante – Daniel De Luca

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/de-olho-na-vida-pe-sergio-jeremias/
Title: De Olho na Vida – Pe. Sérgio Jeremias

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/imperfeicoes-leo-rosa-de-andrade/
Title: Imperfeições – Léo Rosa de Andrade

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/inteligencia-financeira-camila-scussel/
Title: Inteligência Financeira – Camila Scussel

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/leis-e-ladainhas-felipe-de-souto-advogado/
Title: Leis e Ladainhas – Felipe de Souto – Advogado

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/luiz-henrique/
Title: Luiz Henrique

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/minha-vida-de-cao-cris-carara/
Title: Minha Vida de Cão – Cris Carara

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/nazareno-schmoeller-souza/
Title: Nazareno Schmoeller Souza

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/no-look-com-a-luque-juliana-luque/
Title: No look com a Luque – Juliana Luque

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/panorama-kessia-meurer/
Title: Panorama – Késsia Meurer

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/portugues-na-ponta-da-lingua-andrea-debiasi/
Title: Português na Ponta da Língua – Andréa Debiasi

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/rafael-andrade/
Title: Rafael Andrade

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/saude-e-bem-estar-daniel-mauricio-de-oliveira-rodrigues-naturologo-danielmor7/
Title: Saúde e Bem-estar – Daniel Maurício de Oliveira Rodrigues – Naturólogo – @danielmor7

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/saude-e-bem-estar-fernando-hellmann-naturologo/
Title: Saúde e bem-estar – Fernando Hellmann – Naturólogo

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/saude-e-bem-estar-renata-hermes-naturologa/
Title: Saúde e bem-estar – Renata Hermes – Naturóloga

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/spotlight-filmes-series-musica-e-arte-contemporanea-germaa-oliveira/
Title: Spotlight – Filmes, séries, música e arte contemporânea – Germaà Oliveira

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/tecnologia-e-educacao-fernando-darci-pitt/
Title: Tecnologia e Educação – Fernando Darci Pitt

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/zulair-fernandes/
Title: Zulair Fernandes

Search URL Search Domain Scan URL

URL: https://notisul.com.br/anuncie/
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://notisul.com.br/contato/
Title: Contato

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/luiz-henrique/para-variar-mais-um-eclipse/

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/luiz-henrique/o-eclipse-e-o-novo-tempo-que-chega/

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/luiz-henrique/corra-lola-corra/

Search URL Search Domain Scan URL

URL: https://notisul.com.br/colunistas/luiz-henrique/as-tretas-do-equinocio/

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/brasileiro-ja-pode-receber-alertas-de-desastres-naturais-por-whatsapp/
Title: Brasileiro já pode receber alertas de desastres naturais por WhatsApp

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/correios-vao-leiloar-175-mil-bens-nao-entregues-aos-destinatarios/
Title: Correios vão leiloar 175 mil bens não entregues aos destinatários

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/santa-catarina-amplia-exportacoes-de-carnes-e-faturamento-passa-de-us-31-bilhoes/
Title: Santa Catarina amplia exportações de carnes e faturamento passa de US$ 3,1 bilhões

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/vice-presidente-eleito-anuncia-mais-61-nomes-da-equipe-de-transicao/
Title: Vice-presidente eleito anuncia mais 61 nomes da equipe de transição

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/torneio-internacional-de-basquete-3x3-colocou-o-parque-diamante-energia-em-destaque-mundial/
Title: Torneio internacional de Basquete 3X3 colocou o Parque Diamante +Energia em destaque mundial

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/educacao-e-arma-de-entidades-medicas-para-conter-avanco-do-diabetes/
Title: Educação é arma de entidades médicas para conter avanço do diabetes

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/contas-de-fim-de-ano-como-se-preparar-para-o-trimestre-de-maiores-gastos/
Title: Contas de fim de ano: como se preparar para o trimestre de maiores gastos

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/associacao-de-medicos-realiza-festa-e-homenageia-profissionais/
Title: Associação de médicos realiza festa e homenageia profissionais

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/mudancas-climaticas-ja-afetam-o-meio-ambiente-no-mundo-inteiro/
Title: Mudanças climáticas já afetam o meio ambiente no mundo inteiro

Search URL Search Domain Scan URL

URL: https://notisul.com.br/seguranca/duas-pessoas-ficam-feridas-apos-capotamento-de-carro-na-br-101-em-imbituba/
Title: Duas pessoas ficam feridas após capotamento de carro na BR-101 em Imbituba

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/frente-fria-ainda-provoca-chuva-nesta-segunda-feira-em-sc/
Title: Frente fria ainda provoca chuva nesta segunda-feira em SC

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/padre-jose-livinos-jochen-vem-a-obito-neste-domingo-13/
Title: Padre José Livinos Jochen vem a óbito neste domingo (13)

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/grande-publico-e-esperado-no-torneio-internacional-de-basquete-3x3-no-parque-diamante-energia-neste-final-de-semana/
Title: Grande público é esperado no torneio internacional de basquete 3X3 no Parque Diamante +Energia neste final de semana

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/
Title: Geral

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/em-tubarao-alguns-bairros-podem-ficar-com-abastecimento-de-agua-comprometido-temporariamente/

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/estado-preve-30-meses-para-conclusao-de-ponte-apos-licitacao/
Title: Estado prevê 30 meses para conclusão de ponte após licitação

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/ii-mostra-de-tecido-acrobatico-ocorrera-neste-sabado-em-imbituba/
Title: II Mostra de Tecido Acrobático ocorrerá neste sábado em Imbituba

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/triagem-de-sangue-em-hemocentros-tera-teste-de-malaria/
Title: Triagem de sangue em hemocentros terá teste de malária

Search URL Search Domain Scan URL

URL: https://notisul.com.br/entrevistas/
Title: Entrevistas

Search URL Search Domain Scan URL

URL: https://notisul.com.br/pelo-estado/entrevista-governo-nao-e-feito-para-lucrar-mas-para-melhorar-a-vida-das-pessoas/

Search URL Search Domain Scan URL

URL: https://notisul.com.br/tag/coronavirus/
Title: Coronavírus

Search URL Search Domain Scan URL

URL: https://notisul.com.br/seguranca/
Title: Segurança

Search URL Search Domain Scan URL

URL: https://notisul.com.br/seguranca/prf-ampliara-fiscalizacao-nas-estradas-no-feriado-prolongado-do-dia-15/
Title: PRF ampliará fiscalização nas estradas no feriado prolongado do dia 15

Search URL Search Domain Scan URL

URL: https://notisul.com.br/seguranca/guarda-vidas-ja-estao-nos-principais-postos-das-cinco-praias-do-extremo-sul-do-estado/
Title: Guarda-Vidas já estão nos principais postos das cinco praias do extremo sul do Estado

Search URL Search Domain Scan URL

URL: https://notisul.com.br/seguranca/ministro-da-justica-anuncia-normalizacao-da-circulacao-nas-rodovias/
Title: Ministro da Justiça anuncia normalização da circulação nas rodovias

Search URL Search Domain Scan URL

URL: https://notisul.com.br/seguranca/policia-civil-fecha-bingo-clandestino-em-tubarao/
Title: Polícia Civil fecha bingo clandestino em Tubarão

Search URL Search Domain Scan URL

URL: https://notisul.com.br/seguranca/roubo-de-60-iphones-policia-civil-identifica-tres-autores-de-violento-crime-no-centro-de-criciuma-e-dois-sao-presos/
Title: Roubo de 60 Iphones: Polícia Civil identifica três autores de violento crime no centro de Criciúma e dois são presos

Search URL Search Domain Scan URL

URL: https://accounts.serverdo.in/aff.php?aff=57&utm_source=afiliados&utm_medium=banner&utm_campaign=notisul

Search URL Search Domain Scan URL

URL: https://notisul.com.br/opiniao/
Title: Opinião

Search URL Search Domain Scan URL

URL: https://notisul.com.br/seguranca/motorista-sofre-ameaca-com-arma-de-fogo-apos-cortar-a-frente-de-veiculo/
Title: Motorista sofre ameaça com arma de fogo após cortar a frente de veículo

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/s-o-s-forcas-armadas-salve-a-nacao-brasileira/
Title: “S.O.S. Forças Armadas, salve a nação brasileira”

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/manifestantes-permanecem-nas-ruas-em-busca-de-respostas/
Title: Manifestantes permanecem nas ruas em busca de respostas

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/relatorio-das-forcas-armadas-nao-excluiu-a-possibilidade-de-fraude-ou-inconsistencia-nas-urnas-eletronicas/
Title: Relatório das Forças Armadas não excluiu a possibilidade de fraude ou inconsistência nas urnas eletrônicas

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/defesa-encaminha-ao-tse-relatorio-de-fiscalizacao-do-sistema-eletronico-de-votacao/
Title: Defesa encaminha ao TSE relatório de fiscalização do sistema eletrônico de votação

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/manifestacao-ja-dura-10-dias-7-na-frente-do-quartel-de-tubarao/
Title: Manifestação já dura 10 dias, 7 na frente do Quartel de Tubarão

Search URL Search Domain Scan URL

URL: https://notisul.com.br/seguranca/mulher-cai-em-golpe-e-perde-r-70000-em-laguna/
Title: Mulher cai em golpe e perde R$ 700,00 em Laguna

Search URL Search Domain Scan URL

URL: https://notisul.com.br/geral/fiocruz-alerta-para-alta-de-casos-de-covid-19-em-quatro-estados/
Title: Fiocruz alerta para alta de casos de covid-19 em quatro estados

Search URL Search Domain Scan URL

URL: https://notisul.com.br/seguranca/homem-de-32-anos-e-preso-por-receptacao-em-capivari-de-baixo/
Title: Homem de 32 anos é preso por receptação, em Capivari de Baixo

Search URL Search Domain Scan URL

URL: https://notisul.com.br/esporte/
Title: Esportes

Search URL Search Domain Scan URL

URL: https://notisul.com.br/esportes/
Title: Esportes

Search URL Search Domain Scan URL

URL: https://notisul.com.br/esportes/laguna-tera-etapa-mundial-de-beach-tennis-com-expectativa-de-5-mil-atletas/

Search URL Search Domain Scan URL

URL: https://notisul.com.br/esportes/brasil-despacha-argentina-e-se-classifica-a-semi-do-mundial-de-volei/
Title: Brasil despacha Argentina e se classifica à semi do Mundial de Vôlei

Search URL Search Domain Scan URL

URL: https://notisul.com.br/esportes/cruzeiro-fica-no-1-a-1-com-criciuma-e-adia-acesso-a-serie-a/
Title: Cruzeiro fica no 1 a 1 com Criciúma e adia acesso à Série A

Search URL Search Domain Scan URL

URL: https://notisul.com.br/esportes/brasil-tem-ira-como-rival-nas-oitavas-do-mundial-de-volei-masculino/
Title: Brasil tem Irã como rival nas oitavas do Mundial de vôlei masculino

Search URL Search Domain Scan URL

URL: https://www.facebook.com/notisul
Title: Curtir

Search URL Search Domain Scan URL

URL: https://instagram.com/notisul
Title: Seguir

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 152

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOuWnXYWcqbW-JcNLSMgUu8&google_cver=1&google_push=ASkJ3FZZeU3pATMITtHHf6H3dDmwiIATCRpgLZImN88IFG8-2T2DdXmQd9nsCEaU3fxzSlvDCBrZV0swTWnYHVEbHs4NatmSIwQw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOuWnXYWcqbW-JcNLSMgUu8&google_cver=1&google_push=ASkJ3FZZeU3pATMITtHHf6H3dDmwiIATCRpgLZImN88IFG8-2T2DdXmQd9nsCEaU3fxzSlvDCBrZV0swTWnYHVEbHs4NatmSIwQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZZeU3pATMITtHHf6H3dDmwiIATCRpgLZImN88IFG8-2T2DdXmQd9nsCEaU3fxzSlvDCBrZV0swTWnYHVEbHs4NatmSIwQw&google_hm=uOcQBv9sT7G7Spgccr49KQ==

Request Chain 154

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJSElPeGugm2BAIgQkkjb7I&google_cver=1&google_push=ASkJ3Fa0ukAR9FA1fALGVwIR6HO_UNh_HL28fZnLVu476RvUm1tS_eQnaUi0EkzKBbbFwZOqykEUEP4AZAII96iYmCpJu1dEQpaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ia44Nn1fTSZuuBgV-cVlbcEbDiQ&google_push=ASkJ3Fa0ukAR9FA1fALGVwIR6HO_UNh_HL28fZnLVu476RvUm1tS_eQnaUi0EkzKBbbFwZOqykEUEP4AZAII96iYmCpJu1dEQpaE

Request Chain 155

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH4VJGzrQ_3xjwSXrC18uCY&google_cver=1&google_push=ASkJ3FYd9mhL8-Vsc785CE6HPc01OurXsf6SnVT83lI9FlYwH-KF4yZKZliJT1nxZP3zYdW2_EMBoS2uT_HegMwKKV_EA7pR5XUh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYd9mhL8-Vsc785CE6HPc01OurXsf6SnVT83lI9FlYwH-KF4yZKZliJT1nxZP3zYdW2_EMBoS2uT_HegMwKKV_EA7pR5XUh

Request Chain 156

https://match.360yield.com/match/ebda?google_gid=CAESEO4umetryYNU68WJMQCK6dE&google_cver=1&google_push=ASkJ3Fb2fTGDmIYEZ_SrZUwfdnLgx7kRiuvMUB0Nyrpt6kD8gBthofLGFrmrZ-DjIqMDY5GZ9D7bbaqMlLj8S-9CGvpBGYqURIo HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO4umetryYNU68WJMQCK6dE&google_cver=1&google_push=ASkJ3Fb2fTGDmIYEZ_SrZUwfdnLgx7kRiuvMUB0Nyrpt6kD8gBthofLGFrmrZ-DjIqMDY5GZ9D7bbaqMlLj8S-9CGvpBGYqURIo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YM2-Am7VS4eWPAbx6gp79A&google_push=ASkJ3Fb2fTGDmIYEZ_SrZUwfdnLgx7kRiuvMUB0Nyrpt6kD8gBthofLGFrmrZ-DjIqMDY5GZ9D7bbaqMlLj8S-9CGvpBGYqURIo

Request Chain 157

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHIeFaQ7oOSoQr31mxBbIY8&google_cver=1&google_push=ASkJ3FZageMhITUu_aSEA6N_qH5h297R6TRf-siOZz9K7zctlgvzQhzqLzzCy8wGvQXEI1UtNaJE3lTDqO6NlL0LlPmqwhpabmo HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FZageMhITUu_aSEA6N_qH5h297R6TRf-siOZz9K7zctlgvzQhzqLzzCy8wGvQXEI1UtNaJE3lTDqO6NlL0LlPmqwhpabmo&google_gid=CAESEHIeFaQ7oOSoQr31mxBbIY8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQ4NzQ5NjE4NjQ0NjYzNjQxMzY3&google_push=ASkJ3FZageMhITUu_aSEA6N_qH5h297R6TRf-siOZz9K7zctlgvzQhzqLzzCy8wGvQXEI1UtNaJE3lTDqO6NlL0LlPmqwhpabmo

Request Chain 163

https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&gdpr_pd={{IAB_CONSENT_PD}} HTTP 302
https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&gdpr_pd={{IAB_CONSENT_PD}} HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319323X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0

Request Chain 172

https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&gdpr_pd={{IAB_CONSENT_PD}} HTTP 302
https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&gdpr_pd={{IAB_CONSENT_PD}} HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319321X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0

Request Chain 180

https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&gdpr_pd={{IAB_CONSENT_PD}} HTTP 302
https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&gdpr_pd={{IAB_CONSENT_PD}} HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319325X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0

Request Chain 197

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEECBo_NFwTX_8nPyer1Ux0o&google_cver=1&google_push=ASkJ3FZYF8ciw6nViXp_a9KL-PqP_ZveceY4l6P9ig4whpiok4ls6npumZR8W0pld1IaiM2b_AYZUmzz5SzWhBkiWA5UniedgzL0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEECBo_NFwTX_8nPyer1Ux0o&google_cver=1&google_push=ASkJ3FZYF8ciw6nViXp_a9KL-PqP_ZveceY4l6P9ig4whpiok4ls6npumZR8W0pld1IaiM2b_AYZUmzz5SzWhBkiWA5UniedgzL0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZEpzWlpnbU4xT1Y3T3k1&google_gid=CAESEECBo_NFwTX_8nPyer1Ux0o&google_cver=1&google_push=ASkJ3FZYF8ciw6nViXp_a9KL-PqP_ZveceY4l6P9ig4whpiok4ls6npumZR8W0pld1IaiM2b_AYZUmzz5SzWhBkiWA5UniedgzL0

Request Chain 198

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOuWnXYWcqbW-JcNLSMgUu8&google_cver=1&google_push=ASkJ3FYgVNbQwd9nwfyxrnVDo5u6BoxQz_Jd4MizB4lMbjplUY8xHT8lA1IY7tTq7w9IZhRulUkclxXKski6PGRRN4SRwKzjBhQT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYgVNbQwd9nwfyxrnVDo5u6BoxQz_Jd4MizB4lMbjplUY8xHT8lA1IY7tTq7w9IZhRulUkclxXKski6PGRRN4SRwKzjBhQT&google_hm=uOcQBv9sT7G7Spgccr49KQ==

Request Chain 199

https://d5p.de17a.com/cookies/google?google_gid=CAESEC6K7gmFaId2ThTlD-YBKwY&google_cver=1&google_push=ASkJ3FanatAo7j-HxrzWuI8kAhsFYFAqotNu3xol50yhygzBe6-P0odzWSfgElz2LTgFLb_dVJsVuNazTnlKpHz7Y0cj-7IZe3G3 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEC6K7gmFaId2ThTlD-YBKwY&google_cver=1&google_push=ASkJ3FanatAo7j-HxrzWuI8kAhsFYFAqotNu3xol50yhygzBe6-P0odzWSfgElz2LTgFLb_dVJsVuNazTnlKpHz7Y0cj-7IZe3G3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FanatAo7j-HxrzWuI8kAhsFYFAqotNu3xol50yhygzBe6-P0odzWSfgElz2LTgFLb_dVJsVuNazTnlKpHz7Y0cj-7IZe3G3

Request Chain 200

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMvmr1d7GOPUT_sLSwTWUIw&google_cver=1&google_push=ASkJ3FYkx636e7q6CsAy-6OklJPYPqM-UDbFnnVdJy8RLzuwXvtZXqZh_FacJE85TGw-g_zesD2qQpEtCYn-Tm-bwo5WLmaSNrhR HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMvmr1d7GOPUT_sLSwTWUIw&google_cver=1&google_push=ASkJ3FYkx636e7q6CsAy-6OklJPYPqM-UDbFnnVdJy8RLzuwXvtZXqZh_FacJE85TGw-g_zesD2qQpEtCYn-Tm-bwo5WLmaSNrhR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg4NDE2Mzg0ODAwNTQzMjMw&google_push=ASkJ3FYkx636e7q6CsAy-6OklJPYPqM-UDbFnnVdJy8RLzuwXvtZXqZh_FacJE85TGw-g_zesD2qQpEtCYn-Tm-bwo5WLmaSNrhR

Request Chain 203

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAmaspLaj0gTrYt9gbb0z6M&google_cver=1&google_push=ASkJ3Fac41dbNPxR1t8HjMIw0j18g1eT267SbNHjH3UVfQCy7VRpOzgGz9995EvoR2j8v71XEUZgUymP00zcNaKETXv1lx48UZRx HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEAmaspLaj0gTrYt9gbb0z6M%26google_cver%3D1%26google_push%3DASkJ3Fac41dbNPxR1t8HjMIw0j18g1eT267SbNHjH3UVfQCy7VRpOzgGz9995EvoR2j8v71XEUZgUymP00zcNaKETXv1lx48UZRx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY5NjMyNDU0NTY2OTgwOTQzMA%3D%3D&google_gid=CAESEAmaspLaj0gTrYt9gbb0z6M&google_cver=1&google_push=ASkJ3Fac41dbNPxR1t8HjMIw0j18g1eT267SbNHjH3UVfQCy7VRpOzgGz9995EvoR2j8v71XEUZgUymP00zcNaKETXv1lx48UZRx

Request Chain 205

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOVQcw5LCFxY9C1JD3sxd2g&google_cver=1&google_push=ASkJ3FYiLy1cY_eqLFC9jljAoqkoNn-15rk4kqBblmE3ZWlyVOpJWGShe-SWPlzSzE5NMS0KZT09_-Zo50JkODq9hYZEIcFBDE5G HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3FYiLy1cY_eqLFC9jljAoqkoNn-15rk4kqBblmE3ZWlyVOpJWGShe-SWPlzSzE5NMS0KZT09_-Zo50JkODq9hYZEIcFBDE5G

Request Chain 208

https://s.uuidksinc.net/match/47/?remote_uid=CAESEEeJiwZPXHFCh5D2twLYnTY&c_param1=ASkJ3FaIBfBrLLyQAsfLzrmL2Wl26D5_nHqOV9jlL64o4MXtu0XFakhqNdNZtowWVI_WQh8HiWHLb5uzigA98rvTU1DnqUoKa8o3&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FaIBfBrLLyQAsfLzrmL2Wl26D5_nHqOV9jlL64o4MXtu0XFakhqNdNZtowWVI_WQh8HiWHLb5uzigA98rvTU1DnqUoKa8o3

Request Chain 209

https://ads.yieldmo.com/exptsync?google_gid=CAESEPStSrBLfSFAvFdBTJIpyOI&google_cver=1&google_push=ASkJ3FYKstO4SaaK7yUsZsS8RYMAb3l6AIGYQw9ZuwaYhkxaGZG4kmsKhD0u3OC-vdPTWZV5gn7wAKaNTcUZhwBdRS7lCNIG_rOl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYKstO4SaaK7yUsZsS8RYMAb3l6AIGYQw9ZuwaYhkxaGZG4kmsKhD0u3OC-vdPTWZV5gn7wAKaNTcUZhwBdRS7lCNIG_rOl&google_hm=ZzQ5YTBkODBhNzBhOWQ2MDljNmQ=

Request Chain 211

https://an.yandex.ru/mapuid/google/CAESEPBk4WiuEIWWwtgbGQBixHM?ext-param=ASkJ3FaSn5Vlj7FTrXF1O7WUYU6wM-MY4E8sqOweagwx-75gOSogZEn6KLl52vWY8tqfVbAdyR-RCmMhs7MuVp1MiEuRp1UjDp-fqw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEPBk4WiuEIWWwtgbGQBixHM?redir-setuniq=1&ext-param=ASkJ3FaSn5Vlj7FTrXF1O7WUYU6wM-MY4E8sqOweagwx-75gOSogZEn6KLl52vWY8tqfVbAdyR-RCmMhs7MuVp1MiEuRp1UjDp-fqw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPBk4WiuEIWWwtgbGQBixHM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 213

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 214

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 216

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFD3Zlu8TGrfmoEPksrh1dY&google_cver=1&google_push=ASkJ3Fa7POCr_yMaWQKBvQ774AQgehwJugdRbR8gSREmvUCNxDhk-hFn-Z972xTvKFOosr5TPI0X5jUhwxI56RPtdlXxtJl-YRKtIg HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFD3Zlu8TGrfmoEPksrh1dY&google_push=ASkJ3Fa7POCr_yMaWQKBvQ774AQgehwJugdRbR8gSREmvUCNxDhk-hFn-Z972xTvKFOosr5TPI0X5jUhwxI56RPtdlXxtJl-YRKtIg&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3Fa7POCr_yMaWQKBvQ774AQgehwJugdRbR8gSREmvUCNxDhk-hFn-Z972xTvKFOosr5TPI0X5jUhwxI56RPtdlXxtJl-YRKtIg&google_hm=NEdQc0RHdnV2bzdoMGwwRzlqTHc=

Request Chain 219

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESED9tSeTH0S6Wz-kXukKf7us&google_cver=1&google_push=ASkJ3FZBGQ8Xmh401qAQhFODXdkr2rkDjkkUtA7VObynX7RXQmEB9Hk2ZfaT-yFdXDVQk9KMEVhkci2j3KRmp_N0ReLltoBoHbsZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZBGQ8Xmh401qAQhFODXdkr2rkDjkkUtA7VObynX7RXQmEB9Hk2ZfaT-yFdXDVQk9KMEVhkci2j3KRmp_N0ReLltoBoHbsZ&google_hm=WTNSRms4Q284WGdBQVBhNi1vOEFBQUFB

Request Chain 221

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEKOfp4VFy16VBXNZ-Qcwa4c&google_cver=1&google_push=ASkJ3FZmpfTb2arIEuKyHU9nGQIZcKyenqArAXdJ-Dw3-TNJ2fNDKSCnFruUJl7Z7lHpVpthb4mf7KpoSb-TYfulhCCQXKimvhqj1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3FZmpfTb2arIEuKyHU9nGQIZcKyenqArAXdJ-Dw3-TNJ2fNDKSCnFruUJl7Z7lHpVpthb4mf7KpoSb-TYfulhCCQXKimvhqj1g&google_hm=NzI4MTM3ODIwMjQ0ODc2MTMxNg==

Request Chain 222

https://an.yandex.ru/mapuid/google/CAESEPBk4WiuEIWWwtgbGQBixHM?ext-param=ASkJ3FaIQQF2FYU0ynJLyIaPBzAnkXjFAlUOubcyhokNbWuZZvpHFEBIkBX5llEafhIkbsbuRDfMsl_NCFljv_thykqca5vXrimGY8I&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEPBk4WiuEIWWwtgbGQBixHM?redir-setuniq=1&ext-param=ASkJ3FaIQQF2FYU0ynJLyIaPBzAnkXjFAlUOubcyhokNbWuZZvpHFEBIkBX5llEafhIkbsbuRDfMsl_NCFljv_thykqca5vXrimGY8I&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPBk4WiuEIWWwtgbGQBixHM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 224

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 232

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidQM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQroneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPTR_NTOsfsCFXGH_QcdKJwLvA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidQM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQroneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidQM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQroneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668564371_3dd6ed60-6553-11ed-89a3-223851067267

Request Chain 253

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnotisul.com.br%2F&domain=controle.notisul.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=L7i-tXx3c24xMThMc1N1V3A4eHUwbGZzTHZValdDTWRJWUdMZDNCNlR4U21BSVEzYi9BcHR0UFBackI2L1kzdmVRayt1ZkYzdHRIMHZObEdkaThuUU81L0RoZERJL0R3cHE5bEJqbGRxNXUwWlZnT2JRUEdPK0lsL1pueFdXc2xWUlhpN01RUUtOR2k0SE5SL1hkLzNmczFQMWRCZDNkVy84MnRJeWpwbUpjOUR5Z3V5MmVGV0VaRUg0ckNiTmZhTjQ3ODBBeFZPTjd0dnlySWVCSHpFaVBrZW9RdnVWV0Y2L0Z1N3dhL1U5Q3hMMXJrVElKK1F5WnpqUUNPdG11MEJFMkQxfA&cppv=2

Request Chain 267

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKMDU3QzItMTYtQllKVA==

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM6c529IrZJ-x7Y8T9fGaw4&google_cver=1

Request Chain 269

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/eYuG3NNyVXGhx-iud1_7Xcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4556527457506293974

Request Chain 270

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Hjq0uzrsReO2X1URMYWBKg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Hjq0uzrsReO2X1URMYWBKg

Request Chain 271

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU0NDQ4OTBiMGI4NTVmMjMxZTRjZTRhNzkwNmM2ZDU1N2FjYWM0NQ

Request Chain 272

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJ057C2-16-BYJT

Request Chain 274

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PgL5gG3xSguuA8f3cZuW5Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PgL5gG3xSguuA8f3cZuW5Q

Request Chain 277

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=76211278600 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=76211278600&google_gid=CAESEJtbyA211hpE-nu-z76HS28&google_cver=1

Request Chain 278

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=1a0d6374-4595-4c00-b825-52266f04a9c9

Request Chain 303

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1668564375096-959030016586-006362-011-005385&biddername=200&key=OPTOUT

Request Chain 312

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1668564375096-959030016586-006362-011-005385&biddername=105&pid=59c9148628a0612da3689288&key=48acbb0d-f4c0-45e6-a153-0f9d3f7b9aca&gdpr=1&gdpr_consent=&us_privacy=

310 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
controle.notisul.com.br/ 442 KB
42 KB 1580ms
937ms Document
text/html 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 071c23e9405617ff3e019bd638baa0b24e78d7280b7be778a9cb5db4892882c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Nov 2022 02:06:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://controle.notisul.com.br/wp-json/>; rel="https://api.w.org/" <https://notisul.com.br/>; rel=shortlink
pragma: no-cache
server: nginx/1.20.1
vary: Accept-Encoding

GET
H2 200 style.min.css
controle.notisul.com.br/wp-includes/css/dist/block-library/ 40 KB
6 KB 325ms
302ms Stylesheet
text/css 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 14:08:03 GMT
server: nginx/1.20.1
etag: W/"5e061043-a1fb"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 styles.css
controle.notisul.com.br/wp-content/plugins/contact-form-7/includes/css/ 2 KB
812 B 326ms
303ms Stylesheet
text/css 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Fri, 27 Mar 2020 14:47:00 GMT
server: nginx/1.20.1
etag: W/"5e7e11e4-6d2"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
controle.notisul.com.br/wp-content/plugins/td-composer/td-multi-purpose/ 68 KB
9 KB 326ms
303ms Stylesheet
text/css 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=5a862b9d7c39671de80dd6dee389818b
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 59671205ce4d2ec4a037ba18847d2e02fddcce3eaed20a6a731161305b24aada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2020 18:29:57 GMT
server: nginx/1.20.1
etag: W/"5e7ba325-10ef8"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 94ms
26ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.8

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
Origin: https://controle.notisul.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 01:23:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 02:06:07 GMT

GET
H2 200 front.min.css
controle.notisul.com.br/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 328ms
306ms Stylesheet
text/css 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.3.2
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 8c21cdf7be2219908a953d92fba153dcc7175f7ee238856bd9954da18b0e05dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 23:46:49 GMT
server: nginx/1.20.1
etag: W/"60b6c6e9-1568"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
controle.notisul.com.br/wp-content/themes/Newspaper/ 153 KB
25 KB 328ms
307ms Stylesheet
text/css 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/themes/Newspaper/style.css?ver=9.8
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: b66bd81ddd68c8a8d92e75565702cd63ca7d6af7a26fa44d6707859e64c7d8bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Wed, 23 Oct 2019 19:36:19 GMT
server: nginx/1.20.1
etag: W/"5db0abb3-26232"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
controle.notisul.com.br/wp-content/themes/Newspaper-child/ 463 B
377 B 329ms
308ms Stylesheet
text/css 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/themes/Newspaper-child/style.css?ver=9.8c
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 0bed32805b51f622cfceea9fccef37690edfe32a1e964e5b04fc62ac99e33fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Fri, 27 Mar 2020 18:49:37 GMT
server: nginx/1.20.1
etag: W/"5e7e4ac1-1cf"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 td_legacy_main.css
controle.notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 987 KB
94 KB 506ms
485ms Stylesheet
text/css 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5a862b9d7c39671de80dd6dee389818b
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: ba33741f1b945cfb71d6fe3fb60628af0cb4cce7f464f84c43f5d6457b284272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2020 18:29:55 GMT
server: nginx/1.20.1
etag: W/"5e7ba323-f6c31"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.js Show response
controle.notisul.com.br/wp-includes/js/jquery/ 95 KB
33 KB 510ms
490ms Script
application/javascript 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Wed, 23 Oct 2019 19:36:21 GMT
server: nginx/1.20.1
etag: W/"5db0abb5-17a69"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
controle.notisul.com.br/wp-includes/js/jquery/ 10 KB
4 KB 689ms
670ms Script
application/javascript 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Wed, 23 Oct 2019 19:36:21 GMT
server: nginx/1.20.1
etag: W/"5db0abb5-2748"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 advanced.js Show response
controle.notisul.com.br/wp-content/plugins/advanced-ads/public/assets/js/ 8 KB
3 KB 690ms
670ms Script
application/javascript 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/plugins/advanced-ads/public/assets/js/advanced.js?ver=1.17.8
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 76141ad9154b037fa4d1cd707e805f19eb92a511bcdef1e88c73344dd54b8228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 17:32:34 GMT
server: nginx/1.20.1
etag: W/"5e822d32-1e7c"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 front.min.js Show response
controle.notisul.com.br/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 388ms
384ms Script
application/javascript 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.0.4
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 23:46:49 GMT
server: nginx/1.20.1
etag: W/"60b6c6e9-20b3"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-emoji-release.min.js Show response
controle.notisul.com.br/wp-includes/js/ 14 KB
5 KB 389ms
386ms Script
application/javascript 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 14:08:03 GMT
server: nginx/1.20.1
etag: W/"5e061043-362a"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 74ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-90417898-1

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8da46706141cf58ec3ec42d737a821a9b6092dcdb911f43fcf86c43b0fdbafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43725
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Nov 2022 02:06:07 GMT

GET
H2 200 1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac Show response
tags.premiumads.com.br/dfp/ 59 KB
20 KB 77ms
25ms Script
text/javascript 2606:4700:20::681a:e79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9d4e337f874813797b8895464a033859ecab2a195ce3d6768550de8035125a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 01:38:13 GMT
server: cloudflare
age: 88074
x-powered-by: ASP.NET
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BESQqDdMM3zUrsjdjpUI5455noE8ErFgs4N9cgSD2qAO%2BiSdQGZPMu6UfWv5V88nXN9YGUiYerccLq6%2Bk6H6V8GI0jvWoo3ei0xrzI8Ess%2FV5LG3MAyY%2Fc762hMScL8khGSnPn5v23iquEIszf%2BthF8PL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
cf-ray: 76acaa63acb39177-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
54 KB 82ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e96d5a53bb7460500de8aa87f8a6af8bb211672506ba8d89bdc92b037bd78fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54967
x-xss-protection: 0
server: cafe
etag: 17109862993165746536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 02:06:07 GMT

GET
H2 200 logo.png
controle.notisul.com.br/wp-content/themes/Newspaper-child/images/ 10 KB
10 KB 390ms
387ms Image
image/png 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.notisul.com.br/wp-content/themes/Newspaper-child/images/logo.png
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 84440ae9f8a49cd8e9d5bd08e72f42df812ce95ddde49d5b358070e462da7860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Mon, 30 Mar 2020 00:10:44 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5e813904-28df"
content-length: 10463
content-type: image/png

GET
H2 200 o-eclipse-e-o-novo-tempo-que-chega-218x150.jpeg
notisul.com.br/wp-content/uploads/2022/10/ 804 B
1015 B 1105ms
541ms Image
image/webp 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notisul.com.br/wp-content/uploads/2022/10/o-eclipse-e-o-novo-tempo-que-chega-218x150.jpeg
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: ac8bf514d00100097f14d06b124c4107d3825bd0c9467d907ec0630bc96a0cc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Wed, 19 Oct 2022 16:02:01 GMT
server: nginx/1.20.2
etag: "63501f79-324"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 804
expires: Wed, 23 Nov 2022 02:06:08 GMT

GET
H2 200 corra-lola-corra-218x150.jpg
notisul.com.br/wp-content/uploads/2022/10/ 5 KB
5 KB 1106ms
541ms Image
image/webp 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notisul.com.br/wp-content/uploads/2022/10/corra-lola-corra-218x150.jpg
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 05690f7b69a04a8171cf39119c7bbdc5dbd4530be85cdff4b56f5df1d3db5d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Mon, 03 Oct 2022 14:08:03 GMT
server: nginx/1.20.2
etag: "633aecc3-13c4"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5060
expires: Wed, 23 Nov 2022 02:06:08 GMT

GET
H2 200 as-tretas-do-equinocio-218x150.jpg
notisul.com.br/wp-content/uploads/2022/09/ 2 KB
2 KB 1113ms
549ms Image
image/webp 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notisul.com.br/wp-content/uploads/2022/09/as-tretas-do-equinocio-218x150.jpg
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 72b52854476d616830936b7a8ba4c0bdd2b81da722378f25ad5f4cd23a91ea61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Tue, 20 Sep 2022 21:34:02 GMT
server: nginx/1.20.2
etag: "632a31ca-73c"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1852
expires: Wed, 23 Nov 2022 02:06:08 GMT

GET
H2 200 afiliado-banner-300x250.gif
controle.notisul.com.br/ 24 KB
24 KB 390ms
388ms Image
image/gif 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.notisul.com.br/afiliado-banner-300x250.gif
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 0693d7fc7aad9bd58ce2ffe91a554690f7f96d4879e44d33be5cdc1adc7810b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Wed, 24 Feb 2021 21:25:09 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "6036c435-615f"
content-length: 24927
content-type: image/gif

GET
H2 200 8ae0917b30aa4cfec0e16cd6fd22ac5a Show response
www.tempo.com/wid_loader/ 915 B
651 B 153ms
102ms Script
application/javascript 2606:4700::6811:130e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tempo.com/wid_loader/8ae0917b30aa4cfec0e16cd6fd22ac5a

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:130e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1078de14de13c6056ea86f4bffb141bced7db929e8d3a6d646d1310ef2d9f584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 16 Nov 2022 02:06:08 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 76acaa63aaeabbd9-FRA
x-robots-tag: none
meteored-site: br
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 16 Nov 2023 02:06:08 GMT

GET
H2 200 logo-rodape.png
notisul.com.br/wp-content/uploads/2020/03/ 5 KB
5 KB 1113ms
550ms Image
image/webp 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notisul.com.br/wp-content/uploads/2020/03/logo-rodape.png
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 13bc95bee4e1c7e98adba1f117c6e6d8275906b36fbe660d950dcc04e0e5f313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Mon, 13 Apr 2020 21:17:42 GMT
server: nginx/1.20.2
etag: "5e94d6f6-125e"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4702
expires: Wed, 23 Nov 2022 02:06:08 GMT

GET
H2 200 scripts.js Show response
controle.notisul.com.br/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 185ms
185ms Script
application/javascript 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Fri, 27 Mar 2020 14:47:00 GMT
server: nginx/1.20.1
etag: W/"5e7e11e4-3868"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 tagdiv_theme.min.js Show response
controle.notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/ 223 KB
52 KB 190ms
189ms Script
application/javascript 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=9.8
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 4e8a9f91efa071fef1ae36b2178873b6c92e16a7d4a1087468e85609c2e68d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2020 18:29:56 GMT
server: nginx/1.20.1
etag: W/"5e7ba324-37bf7"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 comment-reply.min.js Show response
controle.notisul.com.br/wp-includes/js/ 2 KB
1 KB 188ms
184ms Script
application/javascript 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-includes/js/comment-reply.min.js?ver=5.3.2
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 14:08:03 GMT
server: nginx/1.20.1
etag: W/"5e061043-951"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
controle.notisul.com.br/wp-includes/js/ 1 KB
885 B 387ms
383ms Script
application/javascript 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 14:08:03 GMT
server: nginx/1.20.1
etag: W/"5e061043-577"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 72ms
26ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3.2

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 241
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 76acaa639ee89a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 19 Nov 2022 02:06:07 GMT

GET
H2 200 denakop.js Show response
tags.denakop.com/10432/ 45 KB
12 KB 452ms
402ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/10432/denakop.js
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84068dc240bc5f59e2550d881316e25d7954d5e2a3747fb91a3ca30a044cc74c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Nov 2022 18:38:43 GMT
server: cloudflare
etag: W/"636bf3b3-b51c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 76acaa63af9d91db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 newspaper.woff
controle.notisul.com.br/wp-content/themes/Newspaper/images/icons/ 120 KB
121 KB 529ms
529ms Font
font/woff 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/wp-content/themes/Newspaper/style.css?ver=9.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 0f74eda5ca917f0146ec28a71e0602f7a3b9dae063acfeecfe6549bdb165d47a

Request headers

Referer: https://controle.notisul.com.br/wp-content/themes/Newspaper/style.css?ver=9.8
Origin: https://controle.notisul.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Wed, 23 Oct 2019 19:36:19 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5db0abb3-1e17c"
content-length: 123260
content-type: font/woff

GET
H2 200 MuseoSans-300.ttf
controle.notisul.com.br/wp-content/themes/Newspaper-child/font/ 58 KB
58 KB 533ms
533ms Font
application/octet-stream 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/themes/Newspaper-child/font/MuseoSans-300.ttf
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 9625f2b4bfca25b70aaa98a9048a16e6fc6049fc19e7583fa7db3df65e80c170

Request headers

Referer: https://controle.notisul.com.br/
Origin: https://controle.notisul.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Wed, 25 Mar 2020 18:26:30 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5e7ba256-e7cc"
content-length: 59340
content-type: application/octet-stream

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 60ms
16ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://controle.notisul.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 455032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 19:42:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 63ms
19ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://controle.notisul.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 482787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 11:59:40 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 85ms
43ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://controle.notisul.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 112543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 18:50:24 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 71ms
33ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://controle.notisul.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:44:21 GMT
x-content-type-options: nosniff
age: 390106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 13:44:21 GMT

GET
H2 200 MuseoSans-500.ttf
controle.notisul.com.br/wp-content/themes/Newspaper-child/font/ 58 KB
58 KB 489ms
487ms Font
application/octet-stream 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.notisul.com.br/wp-content/themes/Newspaper-child/font/MuseoSans-500.ttf
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 11d37d3b34be24fa29bd7c060b053845d0ec8a2b093252b243a6974b14ad1731

Request headers

Referer: https://controle.notisul.com.br/
Origin: https://controle.notisul.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Wed, 25 Mar 2020 18:26:30 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5e7ba256-e78c"
content-length: 59276
content-type: application/octet-stream

GET
H2 200 placeholder-300x300.jpg
controle.notisul.com.br/wp-content/uploads/2019/12/ 5 KB
5 KB 467ms
466ms Image
image/jpeg 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.notisul.com.br/wp-content/uploads/2019/12/placeholder-300x300.jpg
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 73c5ba44aecd2536f60c1b51cffa23e1a986c9117db0ad04540673b1857b0f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Mon, 30 Mar 2020 07:08:38 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5e819af6-1459"
content-length: 5209
content-type: image/jpeg

GET
H2 200 agua-696x482.jpg
notisul.com.br/wp-content/uploads/2021/08/ 12 KB
12 KB 870ms
410ms Image
image/webp 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notisul.com.br/wp-content/uploads/2021/08/agua-696x482.jpg
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: d8fb0a8634238e7cbda4f0cd610086e27763e803af2039250d64482647a5f010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Sat, 28 Aug 2021 14:34:02 GMT
server: nginx/1.20.2
etag: "612a495a-2ee8"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12008
expires: Wed, 23 Nov 2022 02:06:08 GMT

GET
H2 200 captura-de-tela-2022-08-30-as-19-15-44.png
notisul.com.br/wp-content/uploads/2022/08/ 27 KB
28 KB 644ms
185ms Image
image/webp 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notisul.com.br/wp-content/uploads/2022/08/captura-de-tela-2022-08-30-as-19-15-44.png
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: e4e9e4e9c7f0efd249bcc0dd92e8dcea29c12fbcb3c1c400932bde9dbb506054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Tue, 30 Aug 2022 22:18:02 GMT
server: nginx/1.20.2
etag: "630e8c9a-6d54"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 27988
expires: Wed, 23 Nov 2022 02:06:08 GMT

GET
H2 200 o-eclipse-e-o-novo-tempo-que-chega-696x547.jpeg
notisul.com.br/wp-content/uploads/2022/10/ 5 KB
5 KB 544ms
522ms Image
image/webp 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notisul.com.br/wp-content/uploads/2022/10/o-eclipse-e-o-novo-tempo-que-chega-696x547.jpeg
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: a28c38eef6b3c31259aceb6d6bc6c4a72c850052a808fd51a0aa540a48710771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Wed, 19 Oct 2022 16:02:01 GMT
server: nginx/1.20.2
etag: "63501f79-14e0"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5344
expires: Wed, 23 Nov 2022 02:06:08 GMT

GET
H2 200 corra-lola-corra-696x464.jpg
notisul.com.br/wp-content/uploads/2022/10/ 27 KB
27 KB 545ms
523ms Image
image/webp 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notisul.com.br/wp-content/uploads/2022/10/corra-lola-corra-696x464.jpg
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 0a26ecf0bfc409eb128f277652edbfe7bcf26df39685d08c13aa06752f5d8729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Mon, 03 Oct 2022 14:08:02 GMT
server: nginx/1.20.2
etag: "633aecc2-6c74"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 27764
expires: Wed, 23 Nov 2022 02:06:08 GMT

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 344 KB
102 KB 35ms
34ms Script
application/javascript 2606:4700:20::681a:e79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220910

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d2b354c037b51c9300d20201cdbcfc135a296ae1832b559b387480dbc75668bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Oct 2022 18:18:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1658248
etag: W/"1d8e579738a5d51"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6yYW3LSWMjAhhKwtidBOhQVy3Y18zuC%2FdcWDA9mm%2B2xo64W7U1OZ8pD4KKEtnTfxC2VHsapjYhhw%2BTTJiB09IW8PrRRpiGIlGQwFoWVsp1CUFt0FGR7QoIlcmYkZYTF0XWnjX8Xec0VR9X7WBOR6Z6nDdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76acaa641d239177-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 226ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

890c14f532cceef687542b680e98c3e1c86d50ed78aa11bee6f38874fa13c023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27216
x-xss-protection: 0
server: sffe
etag: "1393 / 861 of 1000 / last-modified: 1668553677"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 16 Nov 2022 02:06:08 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
117 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=controle.notisul.com.br&bust=31070969

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8833f7d490882a64e4f53ef446e81ddbf4962073052d526b00a35a92193061b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119174
x-xss-protection: 0
server: cafe
etag: 1244074714821168921
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 02:06:08 GMT

GET
H2 200 esporte-beach-tenis_-696x522.jpg
notisul.com.br/wp-content/uploads/2022/10/ 47 KB
47 KB 715ms
693ms Image
image/webp 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notisul.com.br/wp-content/uploads/2022/10/esporte-beach-tenis_-696x522.jpg
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 32f6cc25116802b52fe895d99da8882aad27ee2993ce7603ae6bf3c20c5e7293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Wed, 26 Oct 2022 15:14:02 GMT
server: nginx/1.20.2
etag: "63594eba-bc38"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 48184
expires: Wed, 23 Nov 2022 02:06:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 2B7F 10 KB
5 KB 83ms
23ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 18:34:01 GMT
etag: 10353107486223812946
expires: Tue, 29 Nov 2022 18:34:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ae7a1e9f54c777f16aa36391dfdc013f.js Show response
scripts.cleverwebserver.com/ 123 KB
47 KB 300ms
203ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/ae7a1e9f54c777f16aa36391dfdc013f.js
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cad8188d0867e66d1d34b614d80b1d63a19e02fdd2bdada57ed5333230117bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
x-amz-version-id: RMYGCv429zZ0dbYUd0mZZ4U1MXDDDRdC
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 01:33:32 GMT
server: cloudflare
x-amz-request-id: AMK723P4JFM9E7Z0
etag: W/"44cfb91877bc8e269c23c8c9166f0538"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 76acaa6558f99253-FRA
x-amz-id-2: M/tX6j/O3OQXl0dcjE8wccsX94tUhLCpp0ifk8lU5Ta3oIixrI3yjgkNrtLk7/KD7/qY88GuyK8=
expires: Wed, 16 Nov 2022 02:36:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 113ms
23ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90417898-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3014
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 03:15:54 GMT

GET
H2 200 elements.png
controle.notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
4 KB 334ms
333ms Image
image/png 190.89.239.42
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5a862b9d7c39671de80dd6dee389818b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.42 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us134.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5a862b9d7c39671de80dd6dee389818b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
last-modified: Wed, 25 Mar 2020 18:29:56 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5e7ba324-10e4"
content-length: 4324
content-type: image/png

GET
H3 200 8ae0917b30aa4cfec0e16cd6fd22ac5a Show response
www.tempo.com/getwid/ Frame 4EFB 7 KB
2 KB 170ms
149ms Document
text/html 2606:4700::6811:130e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a

Requested by

Host: www.tempo.com
URL: https://www.tempo.com/wid_loader/8ae0917b30aa4cfec0e16cd6fd22ac5a

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:130e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b23e0124a72edccea04fa3cad04a8b98c1d56b85070f4b6aa556557b6f25a93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5053
cf-cache-status: EXPIRED
cf-ray: 76acaa656e3b9143-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 16 Nov 2022 02:06:08 GMT
expires: Wed, 16 Nov 2022 03:30:21 GMT
last-modified: Tue, 15 Nov 2022 13:02:48 GMT
meteored-site: br
server: cloudflare
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
700 B 76ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=controle.notisul.com.br&callback=_gfp_s_&client=ca-pub-6829076079046894&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=controle.notisul.com.br&bust=31070969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09d1b448f2761aaf81fddcb9b7c084781936e67541485439ab4434593fa30f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 77ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controle.notisul.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 83ms
26ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controle.notisul.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9409 9 KB
4 KB 126ms
87ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&adk=1812271804&adf=3025194257&lmt=1668564368&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fcontrole.notisul.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668564368061&bpp=12&bdt=934&idt=186&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7748028970186&frm=20&pv=2&ga_vid=1174004212.1668564368&ga_sid=1668564368&ga_hid=1303981035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C42531705%2C44777506%2C31070969%2C44770881&oid=2&pvsid=262751075516039&tmod=81056725&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=275

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0132c445af5b52b87b33cb784134f9cdf719da769a94aa8271cfa781b1fb60c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 3980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:08 GMT
expires: Wed, 16 Nov 2022 02:06:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
28ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1303981035&t=pageview&_s=1&dl=https%3A%2F%2Fcontrole.notisul.com.br%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20inicial%20-%20Notisul&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=143687730&gjid=516847523&cid=1174004212.1668564368&tid=UA-90417898-1&_gid=1303998916.1668564368&_r=1&gtm=2oub90&z=2073854432

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://controle.notisul.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 big-3.png
www.tempo.com/css/images/widget/g20/new/ Frame 4EFB 51 KB
51 KB 105ms
100ms Image
image/png 2606:4700::6811:130e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tempo.com/css/images/widget/g20/new/big-3.png
Requested by: Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:130e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84a9f92c3dc5f6bea4945485ec899a5b5d6fa01967b390c0b60dbfb549c7639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 12:33:27 GMT
server: cloudflare
etag: "63738717-cb31"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 76acaa66cfba9143-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52017
expires: Thu, 16 Nov 2023 02:06:08 GMT

GET
H3 200 small-1.png
www.tempo.com/css/images/widget/g20/new/ Frame 4EFB 164 B
470 B 37ms
32ms Image
image/webp 2606:4700::6811:130e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tempo.com/css/images/widget/g20/new/small-1.png
Requested by: Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:130e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 368349d380933af2788944678efbddab8fbb1704c65a860e5813907f67381bf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
cf-cache-status: HIT
age: 8720
cf-polished: origFmt=png, origSize=40978
content-disposition: inline; filename="small-1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 164
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Nov 2022 12:33:27 GMT
server: cloudflare
etag: "63738717-a012"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 76acaa66cfbb9143-FRA
expires: Wed, 15 Nov 2023 23:40:48 GMT

GET
H3 200 small-3.png
www.tempo.com/css/images/widget/g20/new/ Frame 4EFB 330 B
637 B 47ms
33ms Image
image/webp 2606:4700::6811:130e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tempo.com/css/images/widget/g20/new/small-3.png
Requested by: Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:130e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2980625ad01cf166c6f33b6b3a19bb3b1eb97f92f0417faa6265893ade0557d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
cf-cache-status: HIT
age: 31892
cf-polished: origFmt=png, origSize=49793
content-disposition: inline; filename="small-3.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 330
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Nov 2022 12:33:27 GMT
server: cloudflare
etag: "63738717-c281"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 76acaa670ffa9143-FRA
expires: Wed, 15 Nov 2023 17:14:36 GMT

GET
H3 200 small-2.png
www.tempo.com/css/images/widget/g20/new/ Frame 4EFB 310 B
616 B 46ms
32ms Image
image/webp 2606:4700::6811:130e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tempo.com/css/images/widget/g20/new/small-2.png
Requested by: Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:130e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e5e010c6d9a1e946993001e7503bbe1cb6fd54b133b4dc8e4c108952fa2ba7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
cf-cache-status: HIT
age: 62619
cf-polished: origFmt=png, origSize=48870
content-disposition: inline; filename="small-2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 310
cf-bgj: imgq:85,h2pri
last-modified: Mon, 14 Nov 2022 12:22:05 GMT
server: cloudflare
etag: "637232ed-bee6"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 76acaa670ffc9143-FRA
expires: Wed, 15 Nov 2023 08:42:29 GMT

GET
H3 200 small-12.png
www.tempo.com/css/images/widget/g20/new/ Frame 4EFB 408 B
715 B 44ms
30ms Image
image/webp 2606:4700::6811:130e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tempo.com/css/images/widget/g20/new/small-12.png
Requested by: Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:130e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95103116d2c97168d5f48ed5621a4a35902a78403963d1c791b5470b80b61be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
cf-cache-status: HIT
age: 25860
cf-polished: origFmt=png, origSize=51372
content-disposition: inline; filename="small-12.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 408
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Nov 2022 12:33:27 GMT
server: cloudflare
etag: "63738717-c8ac"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 76acaa670ffe9143-FRA
expires: Wed, 15 Nov 2023 18:55:08 GMT

GET
H3 200 pubads_impl_2022111001.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 20:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132474
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 09:36:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Nov 2023 20:42:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 188 B
131 B 73ms
24ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=controle.notisul.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e8f163427787ebe81baef46ffb9bcfd8ed5779b49a92bcb8bd544b846a60b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Wed, 16 Nov 2022 02:06:08 GMT

GET
H3 200 prebid.js Show response
tags.denakop.com/ 270 KB
83 KB 59ms
36ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/prebid.js
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10432/denakop.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d881f91d620786db06755849ea5cc0a06163e406c1a98c80fd926d892ea27fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 20 Sep 2022 12:26:13 GMT
server: cloudflare
age: 2249
cf-polished: origSize=276416
etag: W/"6329b165-437c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 76acaa671969bb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 notisul.com.br.js Show response
tags.denakop.com/10432/ 193 KB
35 KB 181ms
159ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/10432/notisul.com.br.js
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10432/denakop.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1350d8093d507d77d3da4454ca00d2d0bf279f313c497714124ea0747c021158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Nov 2022 18:38:43 GMT
server: cloudflare
etag: W/"636bf3b3-30244"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 76acaa671966bb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 53ms
29ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 760
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 76acaa671cf0692b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 19 Nov 2022 02:06:08 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 102ms
29ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-90417898-1&cid=1174004212.1668564368&jid=143687730&gjid=516847523&_gid=1303998916.1668564368&_u=YAhAAUAAAAAAACAAI~&z=1176516000

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Nov 2022 02:06:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://controle.notisul.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 159 B
195 B 44ms
33ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c1c39cf9067e986a9ae0011ae27b8e9d0c3ee2bb49f1fa0a6f01cc44403c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76acaa680b189253-FRA
content-type: application/javascript

GET
H2 200 web Show response
onesignal.com/api/v1/sync/bd4355f4-934b-4077-9b42-3f9ec960d382/ 3 KB
2 KB 76ms
55ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/bd4355f4-934b-4077-9b42-3f9ec960d382/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bce6fcb6948fbf6fc7a31f9b087cc4c216dd486454deb32b786903b29a9aec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
status: 200 OK
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4bb0eb93-e852-47cf-8c76-94ed1881a47f
x-runtime: 0.018595
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6bce6fcb6948fbf6fc7a31f9b087cc4c"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 76acaa68bd5b9a17-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 16 Nov 2022 03:06:08 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
330 B 119ms
118ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.3&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fcontrole.notisul.com.br%2F&t=1668564368744&cb=0.1202281000330252

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 76acaa68cb92bb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 /
call.cleverwebserver.com/ 43 B
133 B 69ms
55ms Image
image/gif 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://call.cleverwebserver.com/?id=62341&c=DE&r=HE&l=138&b=Chrome&os=Win10&mob=0&v=1.28.0&ref=aHR0cHM6Ly9jb250cm9sZS5ub3Rpc3VsLmNvbS5ici8%3D&ruri=&iv=-1&ctr=DE

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76acaa68fbcb9253-FRA
content-length: 43
content-type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 63ms
31ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfe6b6cf418ee93bdc17598567bdb9ae4377a336e500c20a30aed558fe4d8178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11169
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 64ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 02:06:09 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 88ms
20ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://controle.notisul.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://controle.notisul.com.br
access-control-max-age: 600
age: 0
content-length: 0
date: Wed, 16 Nov 2022 02:06:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 89ms
21ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://controle.notisul.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://controle.notisul.com.br
access-control-max-age: 600
age: 0
content-length: 0
date: Wed, 16 Nov 2022 02:06:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 87ms
20ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://controle.notisul.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://controle.notisul.com.br
access-control-max-age: 600
age: 0
content-length: 0
date: Wed, 16 Nov 2022 02:06:09 GMT
server: ATS/9.1.10.25

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
586 B 267ms
77ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10432,1,,,!smartadserver.com,4012,1,,,!smartadserver.com,4016,1,,,!smartadserver.com,4071,1,,,!smartadserver.com,4073,1,,,!smartadserver.com,4074,1,,,!google.com,pub-8170966538152543,1,,,!adtech.com,11627,1,,,!contextweb.com,560821,1,,,!appnexus.com,2081,1,,,!appnexus.com,10528,1,,,!indexexchange.com,175407,1,,,!openx.com,537143344,1,,,!pubmatic.com,156078,1,,,!contextweb.com,558299,1,,,!aol.com,57545,1,,,!yahoo.com,57545,1,,,!rubiconproject.com,23648,1,,,!rubiconproject.com,23650,1,,,!smartahperver.com,4014,1,,,!contextweb.com,560288,1,,,!pubmatic.com,156439,1,,,!pubmatic.com,154037,1,,,!pubmatic.com,156030,1,,,!rubiconproject.com,16114,1,,,!rubiconproject.com,13132,1,,,!openx.com,537149888,1,,,!sovrn.com,257611,1,,,!appnexus.com,3703,1,,,!groundtruth.com,107,1,,,!districtm.io,101760,1,,,!appnexus.com,9763,1,,,!onetag.com,7586ca4ec84e073,1,,,!advertising.com,28246,1,,,!rubiconproject.com,11006,1,,,!google.com,pub-3769010358500643,1,,,!freewheel.tv,20393,1,,,!freewheel.tv,24377,1,,,!yahoo.com,58905,1,,,!aol.com,58905,1,,,!appnexus.com,13099,1,,,!smartadserver.com,4111,1,,,!teads.tv,24983,1,,,&rf=https%3A%2F%2Fnotisul.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=ee896be5-7d11-4a7d-827a-dfeec5b28eb2&l_pb_bid_id=2e32766be0fd57&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.09036257004885484
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 425479c18872881809013182c01afa71f16bf180b0e99bb10cc880614ba88779

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://controle.notisul.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
587 B 268ms
78ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10432,1,,,!smartadserver.com,4012,1,,,!smartadserver.com,4016,1,,,!smartadserver.com,4071,1,,,!smartadserver.com,4073,1,,,!smartadserver.com,4074,1,,,!google.com,pub-8170966538152543,1,,,!adtech.com,11627,1,,,!contextweb.com,560821,1,,,!appnexus.com,2081,1,,,!appnexus.com,10528,1,,,!indexexchange.com,175407,1,,,!openx.com,537143344,1,,,!pubmatic.com,156078,1,,,!contextweb.com,558299,1,,,!aol.com,57545,1,,,!yahoo.com,57545,1,,,!rubiconproject.com,23648,1,,,!rubiconproject.com,23650,1,,,!smartahperver.com,4014,1,,,!contextweb.com,560288,1,,,!pubmatic.com,156439,1,,,!pubmatic.com,154037,1,,,!pubmatic.com,156030,1,,,!rubiconproject.com,16114,1,,,!rubiconproject.com,13132,1,,,!openx.com,537149888,1,,,!sovrn.com,257611,1,,,!appnexus.com,3703,1,,,!groundtruth.com,107,1,,,!districtm.io,101760,1,,,!appnexus.com,9763,1,,,!onetag.com,7586ca4ec84e073,1,,,!advertising.com,28246,1,,,!rubiconproject.com,11006,1,,,!google.com,pub-3769010358500643,1,,,!freewheel.tv,20393,1,,,!freewheel.tv,24377,1,,,!yahoo.com,58905,1,,,!aol.com,58905,1,,,!appnexus.com,13099,1,,,!smartadserver.com,4111,1,,,!teads.tv,24983,1,,,&rf=https%3A%2F%2Fnotisul.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=d2a47766-9b10-4d26-985c-4537fe8be412&l_pb_bid_id=32365e7e98acaa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8885537466302786
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: beb5a92286b9f62be3f83cddca9762104e7e5b548395fc42e97e7af408556e0e

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://controle.notisul.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
816 B 265ms
76ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=9&alt_size_ids=8&rp_schain=1.0,1!denakop.com,10432,1,,,!smartadserver.com,4012,1,,,!smartadserver.com,4016,1,,,!smartadserver.com,4071,1,,,!smartadserver.com,4073,1,,,!smartadserver.com,4074,1,,,!google.com,pub-8170966538152543,1,,,!adtech.com,11627,1,,,!contextweb.com,560821,1,,,!appnexus.com,2081,1,,,!appnexus.com,10528,1,,,!indexexchange.com,175407,1,,,!openx.com,537143344,1,,,!pubmatic.com,156078,1,,,!contextweb.com,558299,1,,,!aol.com,57545,1,,,!yahoo.com,57545,1,,,!rubiconproject.com,23648,1,,,!rubiconproject.com,23650,1,,,!smartahperver.com,4014,1,,,!contextweb.com,560288,1,,,!pubmatic.com,156439,1,,,!pubmatic.com,154037,1,,,!pubmatic.com,156030,1,,,!rubiconproject.com,16114,1,,,!rubiconproject.com,13132,1,,,!openx.com,537149888,1,,,!sovrn.com,257611,1,,,!appnexus.com,3703,1,,,!groundtruth.com,107,1,,,!districtm.io,101760,1,,,!appnexus.com,9763,1,,,!onetag.com,7586ca4ec84e073,1,,,!advertising.com,28246,1,,,!rubiconproject.com,11006,1,,,!google.com,pub-3769010358500643,1,,,!freewheel.tv,20393,1,,,!freewheel.tv,24377,1,,,!yahoo.com,58905,1,,,!aol.com,58905,1,,,!appnexus.com,13099,1,,,!smartadserver.com,4111,1,,,!teads.tv,24983,1,,,&rf=https%3A%2F%2Fnotisul.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=51c95425-c5df-448a-af78-daf59dc9179f&l_pb_bid_id=431620de241d93&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5157112406443398
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 729351c1cf9749f0cdc4a7f5167c4e0593a87bcc2f6e95e431b28a8702d70203

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://controle.notisul.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 259
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
584 B 270ms
81ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10432,1,,,!smartadserver.com,4012,1,,,!smartadserver.com,4016,1,,,!smartadserver.com,4071,1,,,!smartadserver.com,4073,1,,,!smartadserver.com,4074,1,,,!google.com,pub-8170966538152543,1,,,!adtech.com,11627,1,,,!contextweb.com,560821,1,,,!appnexus.com,2081,1,,,!appnexus.com,10528,1,,,!indexexchange.com,175407,1,,,!openx.com,537143344,1,,,!pubmatic.com,156078,1,,,!contextweb.com,558299,1,,,!aol.com,57545,1,,,!yahoo.com,57545,1,,,!rubiconproject.com,23648,1,,,!rubiconproject.com,23650,1,,,!smartahperver.com,4014,1,,,!contextweb.com,560288,1,,,!pubmatic.com,156439,1,,,!pubmatic.com,154037,1,,,!pubmatic.com,156030,1,,,!rubiconproject.com,16114,1,,,!rubiconproject.com,13132,1,,,!openx.com,537149888,1,,,!sovrn.com,257611,1,,,!appnexus.com,3703,1,,,!groundtruth.com,107,1,,,!districtm.io,101760,1,,,!appnexus.com,9763,1,,,!onetag.com,7586ca4ec84e073,1,,,!advertising.com,28246,1,,,!rubiconproject.com,11006,1,,,!google.com,pub-3769010358500643,1,,,!freewheel.tv,20393,1,,,!freewheel.tv,24377,1,,,!yahoo.com,58905,1,,,!aol.com,58905,1,,,!appnexus.com,13099,1,,,!smartadserver.com,4111,1,,,!teads.tv,24983,1,,,&rf=https%3A%2F%2Fnotisul.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=1ad8a611-0b28-4d1b-9448-37b3378bb0a0&l_pb_bid_id=526e0aa69ce92d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6772784935888636
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ea0c62829fc6364d58c03041830660c3f48e1749aefbf912feafe5be2baaa92b

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://controle.notisul.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 260
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
302 B 116ms
82ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 8669bac76dfad0b29b184e01483f0b03636ae088152e2705e2739c9c5fc47d23

Request headers

Referer: https://controle.notisul.com.br/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Nov 2022 02:06:09 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://controle.notisul.com.br
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 154ms
120ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 77ea6cd9543ee9fb5f047bda390018d0e7899038ad75daff6009e1418dba77bf

Request headers

Referer: https://controle.notisul.com.br/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Nov 2022 02:06:09 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://controle.notisul.com.br
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 128ms
94ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e983c556436a2f029f6e18bc5d281e8b453f0755d8054e409b5bcab0fb41e47e

Request headers

Referer: https://controle.notisul.com.br/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Nov 2022 02:06:09 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://controle.notisul.com.br
access-control-allow-credentials: true
content-length: 66

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
716 B 53ms
18ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:09 GMT
AN-X-Request-Uuid: d108ac5d-c2ca-4e99-9115-b010a614cbb8
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controle.notisul.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
186 B 494ms
165ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://controle.notisul.com.br
date: Wed, 16 Nov 2022 02:06:09 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
565 B 221ms
89ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.notisul.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
565 B 216ms
84ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.notisul.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
570 B 226ms
94ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:08 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.notisul.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
345 B 165ms
34ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.notisul.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
716 B 51ms
18ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:09 GMT
AN-X-Request-Uuid: 9b5f68fd-fce9-4368-b3e7-946c435ce915
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controle.notisul.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
270 B 100ms
22ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166166&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:09 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://controle.notisul.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
270 B 101ms
23ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166168&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:09 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://controle.notisul.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
270 B 100ms
23ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=146448&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:09 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://controle.notisul.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
270 B 101ms
23ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166141&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:09 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://controle.notisul.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C96A 13 KB
5 KB 52ms
16ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 20:21:01 GMT
expires: Wed, 15 Nov 2023 20:21:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7CE2 783 B
1 KB 70ms
27ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

50520b4f1d8da3541facee894169d279721caefb9e340c3ee103196de04e5dfb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e6fTkC3cWQWooswFeYD03A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-e6fTkC3cWQWooswFeYD03A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:09 GMT
expires: Wed, 16 Nov 2022 02:06:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame C96A 36 KB
16 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 21:15:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7CE2 0
0 57ms
57ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=262751075516039&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C96A 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XRnRxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 131ms
130ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.3&sw=1600&sh=1200&ac=e&p=https%3A%2F%2Fcontrole.notisul.com.br%2F&t=1668564369754&cb=0.7915652284375492&aa=intext&m=Auto%20placement%20container%20not%20found

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 76acaa6f0c21bb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 139ms
138ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.3&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fcontrole.notisul.com.br%2F&t=1668564369814&cb=0.5132765936974457&aa=first

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 76acaa6f6ca9bb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 122ms
121ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.3&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fcontrole.notisul.com.br%2F&t=1668564369815&cb=0.4756814465008161&aa=scroll

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 76acaa6f6cabbb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 121ms
120ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.3&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fcontrole.notisul.com.br%2F&t=1668564369815&cb=0.07236121974418608&aa=side

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 76acaa6f6cadbb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 122ms
122ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.3&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fcontrole.notisul.com.br%2F&t=1668564369816&cb=0.5170807759847362&aa=under

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 76acaa6f6caebb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 62ms
27ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controle.notisul.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 59ms
25ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controle.notisul.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 178 KB
26 KB 304ms
304ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=262751075516039&correlator=1262719425030693&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=21715141650%3A21711708409%2Cnotisul.com.br%2Cdesktop_first%2Cdesktop_scroll%2Cdesktop_side%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180%2C160x600%7C120x600%7C120x450%2C970x90%7C728x90&ifi=2&adks=3481315008%2C2234563970%2C670937086%2C1881152403&didk=1028029885~982686237~1109336618~1265324716&sfv=1-0-40&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dcontrole%2Cnotisul%2Ccom%2Cbr%2Ccontrole.notisul.com.br%26pathname%3D%252F%26placement_name%3Dfirst%26tier%3D3%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dcontrole%2Cnotisul%2Ccom%2Cbr%2Ccontrole.notisul.com.br%26pathname%3D%252F%26placement_name%3Dscroll%26tier%3D3%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dcontrole%2Cnotisul%2Ccom%2Cbr%2Ccontrole.notisul.com.br%26pathname%3D%252F%26placement_name%3Dside%26tier%3D3%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dcontrole%2Cnotisul%2Ccom%2Cbr%2Ccontrole.notisul.com.br%26pathname%3D%252F%26placement_name%3Dunder%26tier%3D3&sc=1&cookie=ID%3D91ac088660c43abf-229fc405b2ce00d9%3AT%3D1668564368%3ART%3D1668564368%3AS%3DALNI_MasmHRUjxg57rSp4rH0BA5JjNMsVg&gpic=UID%3D00000b81c3df82f6%3AT%3D1668564368%3ART%3D1668564368%3AS%3DALNI_MZlEk_hGQrNGimHsdTYP0vR8ma1Kg&abxe=1&dt=1668564369838&lmt=1668564369&dlt=1668564367128&idt=1536&adxs=315%2C315%2C0%2C0&adys=217%2C1759%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcontrole.notisul.com.br%2F&frm=20&vis=1&psz=1600x-1%7C1600x-1%7C1600x3855%7C1600x3855&msz=1600x-1%7C1600x-1%7C160x-1%7C970x-1&fws=4%2C4%2C512%2C512&ohw=1600%2C1600%2C0%2C0&ga_vid=1174004212.1668564368&ga_sid=1668564368&ga_hid=1303981035&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00206ea8d7a64b2e4a82cb324ddd7f187ac56c7176f025c42dfb2f3a6de54b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26167
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.notisul.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BFD5 6 KB
3 KB 110ms
24ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:09 GMT
expires: Thu, 16 Nov 2023 02:06:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
53ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=262751075516039&bg=!OzilOHzNAAbvMpMzzzI7ACkAdvg8WpH9TV72VmC1IBqJH-ZNcT9AadOtCWqeeK5Z2ESi897jlCuALgIAAABhUgAAAARoAQeZAqGwqtnxv30tkx_V_KaFyMnwyKuvYrJHcAeOSrIp6uy_BBoHkwlSOYS6Cja7lQ-d5XyoRaB4xUiaPTC1QWZ1IoBO8E0AcF5C-GqHuxPOmlqbuqWfWp2cnYJ3TrKsbOqcsOUDTrdY_MvGDeVj27WkLmnkBslD5Jrteet01tpSbZB8vIsoY3qGmyMQlUr7pTa26outhPnPC-nHz1M5zxS9T50-p2B64vKnsIsOkEhoej1fxKJ7u1kodyHQP1R_hCIJ7xBH4g2-gwBDAOa8aHswDVz2DpggNVDJfRRhAGrgcA-Md5lmnjiyd-XLdcgDMzzJLe-l-xm62chB6mjLfJhUVEdKW1TuRpzEap5TBKVPr550MMnoDzg3kOh5K5kwnELi20dz56lOAWOk7o4EGkh6-Dxrf9sdKxBQiI4fzlI5y_ouC5-7542BmCG8kFqBhjBAtICuQU1J4Bh0xOpznM6qf4w-LpRCJZ1qdLXUY7Mv6luOtaLD1MKlNzCSo6lRiVhV2jiNp2f1IKTKNem2w8KGmAkqFyVq11rNrPTYsIICuUTGFQ_oWIono5TMacGeeWc22l8mw1FhTUOgZa0X3Xqv5B9-c2sAXvXxy0vfZeyT8BnnTBUgApLY5S-7mH26Gz4FPtUTviNLQYKeuQqe7o8Fv4H8P2m39sa68YcGr5ag-wfajMpoGmMukleyw282bFCFovItWZX_KiaamySvx1mFVSTl6TA4brlATjN3JQKE3FlizSAde-E_dZh7sawmt0u2FNEtcqBpkKXjT53qsHYkH31OLUWqzsSmBAez6aS7__Tklf0XHeTMUamEX2X3XUmeJ9RS6prOuKqxdNP04ZAWtvYJztqr8c3izpLHEXrFUHp6EaHYkIJaDWbHXVS6jxLolt4P
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 container.html Show response
5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C4B5 6 KB
3 KB 50ms
16ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:09 GMT
expires: Thu, 16 Nov 2023 02:06:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9996 6 KB
3 KB 47ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:09 GMT
expires: Thu, 16 Nov 2023 02:06:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C673 6 KB
3 KB 42ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:09 GMT
expires: Thu, 16 Nov 2023 02:06:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8A6 6 KB
3 KB 36ms
17ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:09 GMT
expires: Thu, 16 Nov 2023 02:06:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame C4B5 5 KB
684 B 85ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=pt

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8f4ae76e184e925f42d30ce7d3324ee8497ecc00013d2d7455791ed3d5ccd52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 02:06:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C4B5 4 KB
621 B 85ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 01:17:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C4B5 35 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 17:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 17:09:57 GMT

GET
H3 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame C4B5 1 KB
757 B 26ms
17ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592479
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 05:31:31 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C4B5 24 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:29:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 592574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Nov 2023 05:29:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4B5 154 KB
48 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C4B5 3 KB
1 KB 25ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 15:17:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C4B5 18 KB
7 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 14:22:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C4B5 0
0 24ms
24ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoaZq92t321ljoOi7z0CPwv40ZAKgJmKC52jxHQf89H-PjIB_u-4Hb01BvsFi1U8P3kYMr0m7PRM79L9NM7fF-6wpobg
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame F8A6 5 KB
684 B 80ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=pt

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8f4ae76e184e925f42d30ce7d3324ee8497ecc00013d2d7455791ed3d5ccd52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 02:06:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F8A6 4 KB
621 B 78ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 01:55:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F8A6 35 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 17:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 17:09:57 GMT

GET
H3 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame F8A6 1 KB
757 B 25ms
17ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592479
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 05:31:31 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F8A6 24 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:29:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 592574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Nov 2023 05:29:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8A6 154 KB
47 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F8A6 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 15:17:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F8A6 18 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 14:22:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F8A6 0
0 27ms
23ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT081eNGurHzpKvnXdZZE7dToV8TmzizbYvX428YY5k-0WktRetNQFYVhk_OZnJ5j74EDplb1CUA6ADA5O43CuKN-InZg
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C673 0
0 77ms
76ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CviCEkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE9gFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRwsFplkPUKvCk_aUHfbx0zzJhtKRpex9YAk1NKwf4NO2IsIh6e6TgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTgxNzA5NjY1MzgxNTI1NDMYkfNs&sigh=7CuWOs1EF7A&uach_m=[UACH]&cid=CAQSPADq26N9TMN0mQ1_RwqE7bRpSiA6-cnBKLWHA9N36lhMd92Es3EOkBPccZ9SHHzPudRh-drDiZe1rLGYbBgBIBM
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C673 0
0 114ms
23ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jaeprk2q9n3q8rc60adbjw18d9mrqtccn4q6m02fjt0zc13nmf28tm155at9yx550w3x5sjpm5nnxs83mja3c43n03g7zn14vzm50ftkthn6g7xnp107yk29d2gb8pyb6ckm4xa99fsj78xd2skrj9f2258d6cqc1ag7j56gbnnw83bw24keaw41qgwkv0bswqxzft5bq7rcezze9rm1e4pc99s8x1r7v2k4n3waretmn35mx0hd1rxk27hkhw56gr5avydmdwy8faf2rn20xz8chvr8jg4rgyp1ceyw7k0xzf8apfe4arqzr9cs29a0qdytjpm5q1zpssnp6rzxd5awr3vrzwe1n8cm3z5t0446v8z5v12hcb7hczfb2b8ek2z0dx3em&b=Y3RFkQAN3joIEePZAA4bXlK2CPoSehLcoY-r0g
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Nov 2022 02:06:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 0B41 2 KB
3 KB 115ms
27ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hz8kzabswngvt943v2k4wmtxv0xykb6yseszygxps3vrm9vdcng7j2x1zjdthm6sxjqtj30t8nsj0t4rc5ktg77d30dj79m5bf9ttghz12zqe14anc8yw85bsk9xcbsknw50bx5b2ewn25v1qshzkqtff1yg3n38ke118th64sw75czmt6gtqfw77ysw9gamyznrvqj88fgkt3es0x9d163p5wera7ca2hhty0en2tfa5ckz53y2t3vcmxg3a23qvyf5z19dayqebw6jstptbwgbaq7kmjeyr1gsfjv98929t7z35tr6qhcgkkxd3kdcv34mt5zzs9c5c6vp2ecvj8fpefkpb40m9p1gm4s7p03wrsd2vhfw2f6bs4fnctrrqary63zpzkbgqqq611b0ba2faprh4062cbp062ch88009gs4w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%26client%3Dca-pub-8170966538152543%26adurl%3D

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9de2c14cc45cba95e1a4e182eee6f307b6ff7bfd6f854af5200188f695d12904

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76acaa72dff792bd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C673 3 KB
1 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 15:17:31 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AFFC 1 KB
643 B 21ms
16ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 14:00:55 GMT
etag: 48472445140208031
expires: Wed, 16 Nov 2022 14:00:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C673 18 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 14:22:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C673 0
0 97ms
23ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRr9HqyfpYgFoAlsh4fPVmKAoeOsonR4XcrtRAk5ofmilZetxr56i4oog3VUiRfygz6y6ViXF7YVafHr-uZu7L0qivLxg
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C673 24 KB
6 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:29:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 592574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Nov 2023 05:29:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C673 154 KB
47 KB 52ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9996 5 KB
684 B 68ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=pt

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8f4ae76e184e925f42d30ce7d3324ee8497ecc00013d2d7455791ed3d5ccd52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 02:06:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9996 4 KB
621 B 66ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 01:19:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9996 35 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 17:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 17:09:57 GMT

GET
H3 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame 9996 1 KB
757 B 25ms
16ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592479
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 05:31:31 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9996 24 KB
6 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:29:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 592574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Nov 2023 05:29:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9996 154 KB
47 KB 70ms
62ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9996 3 KB
1 KB 24ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 15:17:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9996 18 KB
7 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 14:22:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9996 0
0 30ms
24ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSR0S2cbRqNOT-zELuVx92eIU2k8ucHmYnIFVE6c4g7dKaDP6w_bFV7FvUNvC7q7Pr_44DL89VfyFxlFnF4uvkvJUC_uw
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C673 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e20ddcf85ef93d6ce4baec96216bc53a866c79b7920215578b373699834d0302

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame AFFC 35 B
464 B 121ms
32ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFCq-u9gTJtf68rovLsjkXE&google_cver=1&google_push=ASkJ3FZo9ZJPWesEot7cOvfi02dF4cMt6__MQOQMokboiq_R8W080MtpGZpIkQOzivMFyPmPXZMlx3HWGWoDenRh2pWlGEs0ixrg

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFFC
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOuWnXYWcqbW-JcNLSMgUu8&google_cver=1&google_push=ASkJ3FZZeU3pATMITtHHf6H3dDmwiIATCRpgLZImN88IFG8-2T2DdXmQd9nsCEaU3fxzSlvDCBrZV0swTWnYHVEbHs4N...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOuWnXYWcqbW-JcNLSMgUu8&google_cver=1&google_push=ASkJ3FZZeU3pATMITtHHf6H3dDmwiIATCRpgLZImN88IFG8-2T2DdXmQd9nsCEaU3fxzSlvDCBrZV0swTWnYHV...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZZeU3pATMITtHHf6H3dDmwiIATCRpgLZImN88IFG8-2T2DdXmQd9nsCEaU3fxzSlvDCBrZV0swTWnYHVEbHs4NatmSIwQw&google_hm=uOcQBv9sT7G7Spgccr49KQ==

170 B
188 B

28ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZZeU3pATMITtHHf6H3dDmwiIATCRpgLZImN88IFG8-2T2DdXmQd9nsCEaU3fxzSlvDCBrZV0swTWnYHVEbHs4NatmSIwQw&google_hm=uOcQBv9sT7G7Spgccr49KQ==

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZZeU3pATMITtHHf6H3dDmwiIATCRpgLZImN88IFG8-2T2DdXmQd9nsCEaU3fxzSlvDCBrZV0swTWnYHVEbHs4NatmSIwQw&google_hm=uOcQBv9sT7G7Spgccr49KQ==
date: Wed, 16 Nov 2022 02:06:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame AFFC 43 B
351 B 85ms
25ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG0ScaZEjFSEDD1BqcMKc7E&google_cver=1&google_push=ASkJ3FZ_qv7w_wlwVZx88GReC3_Biykldm3j-1DvWbN5UMKHRhVPERR7cWXUX8yxHP4E8yhibG2euhQZSkCMSWi60n_lNfZ8gf9t
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:09 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vbrdbker5mt3boac8dvi5lkb74a11b15

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFFC
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJSElPeGugm2BAIgQkkjb7I&google_cver=1&google_push=ASkJ3Fa0ukAR9FA1fALGVwIR6HO_UNh_HL28fZnLVu476RvUm1tS_eQnaUi0EkzKBbbFwZOqykEUEP4AZAII96i...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ia44Nn1fTSZuuBgV-cVlbcEbDiQ&google_push=ASkJ3Fa0ukAR9FA1fALGVwIR6HO_UNh_HL28fZnLVu476RvUm1tS_eQnaUi0EkzKBbbFwZOqykEUEP4AZAII96...

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ia44Nn1fTSZuuBgV-cVlbcEbDiQ&google_push=ASkJ3Fa0ukAR9FA1fALGVwIR6HO_UNh_HL28fZnLVu476RvUm1tS_eQnaUi0EkzKBbbFwZOqykEUEP4AZAII96iYmCpJu1dEQpaE

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ia44Nn1fTSZuuBgV-cVlbcEbDiQ&google_push=ASkJ3Fa0ukAR9FA1fALGVwIR6HO_UNh_HL28fZnLVu476RvUm1tS_eQnaUi0EkzKBbbFwZOqykEUEP4AZAII96iYmCpJu1dEQpaE
Date: Wed, 16 Nov 2022 02:06:10 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFFC
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH4VJGzrQ_3xjwSXrC18uCY&google_cver=1&google_push=ASkJ3FYd9mhL8-Vsc785CE6HPc01OurXsf6SnVT83lI9FlYwH-KF4yZKZliJT1nxZP3zYdW2_EMBoS2uT_He...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYd9mhL8-Vsc785CE6HPc01OurXsf6SnVT83lI9FlYwH-KF4yZKZliJT1nxZP3zYdW2_EMBoS2uT_HegMwKKV_EA7pR5XUh

170 B
188 B

65ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYd9mhL8-Vsc785CE6HPc01OurXsf6SnVT83lI9FlYwH-KF4yZKZliJT1nxZP3zYdW2_EMBoS2uT_HegMwKKV_EA7pR5XUh

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYd9mhL8-Vsc785CE6HPc01OurXsf6SnVT83lI9FlYwH-KF4yZKZliJT1nxZP3zYdW2_EMBoS2uT_HegMwKKV_EA7pR5XUh
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFFC
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEO4umetryYNU68WJMQCK6dE&google_cver=1&google_push=ASkJ3Fb2fTGDmIYEZ_SrZUwfdnLgx7kRiuvMUB0Nyrpt6kD8gBthofLGFrmrZ-DjIqMDY5GZ9D7bbaqMlLj8S-9CGvpBGY...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO4umetryYNU68WJMQCK6dE&google_cver=1&google_push=ASkJ3Fb2fTGDmIYEZ_SrZUwfdnLgx7kRiuvMUB0Nyrpt6kD8gBthofLGFrmrZ-DjIqMDY5GZ9D7bbaqMlLj8S-9C...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YM2-Am7VS4eWPAbx6gp79A&google_push=ASkJ3Fb2fTGDmIYEZ_SrZUwfdnLgx7kRiuvMUB0Nyrpt6kD8gBthofLGFrmrZ-DjIqMDY5GZ9D7bbaqMlLj8S-9...

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YM2-Am7VS4eWPAbx6gp79A&google_push=ASkJ3Fb2fTGDmIYEZ_SrZUwfdnLgx7kRiuvMUB0Nyrpt6kD8gBthofLGFrmrZ-DjIqMDY5GZ9D7bbaqMlLj8S-9CGvpBGYqURIo

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YM2-Am7VS4eWPAbx6gp79A&google_push=ASkJ3Fb2fTGDmIYEZ_SrZUwfdnLgx7kRiuvMUB0Nyrpt6kD8gBthofLGFrmrZ-DjIqMDY5GZ9D7bbaqMlLj8S-9CGvpBGYqURIo
access-control-allow-origin: *
date: Wed, 16 Nov 2022 02:06:10 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFFC
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHIeFaQ7oOSoQr31mxBbIY8&google_cver=1&google_push=ASkJ3FZageMhITUu_aSEA6N_qH5h297R6TRf-siOZz9K7zctlgvzQhzqLzzCy8wGvQXEI1UtNaJE3lTDqO6NlL0LlPmqwhpabmo
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FZageMhITUu_aSEA6N_qH5h297R6TRf-siOZz9K7zctlgvzQhzqLzzCy8wGvQXEI1UtNaJE3lTDqO6NlL0LlPmqwhpabmo...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQ4NzQ5NjE4NjQ0NjYzNjQxMzY3&google_push=ASkJ3FZageMhITUu_aSEA6N_qH5h297R6TRf-siOZz9K7zctlgvzQhzqLzzCy8wG...

170 B
188 B

27ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQ4NzQ5NjE4NjQ0NjYzNjQxMzY3&google_push=ASkJ3FZageMhITUu_aSEA6N_qH5h297R6TRf-siOZz9K7zctlgvzQhzqLzzCy8wGvQXEI1UtNaJE3lTDqO6NlL0LlPmqwhpabmo

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQ4NzQ5NjE4NjQ0NjYzNjQxMzY3&google_push=ASkJ3FZageMhITUu_aSEA6N_qH5h297R6TRf-siOZz9K7zctlgvzQhzqLzzCy8wGvQXEI1UtNaJE3lTDqO6NlL0LlPmqwhpabmo
date: Wed, 16 Nov 2022 02:06:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AFFC 0
223 B 79ms
24ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ilnv19XAdsFgS90GmlHlh7emV-ujNi8bG9xNa25agGL7jujUaTFUDyC3khdy0e1I7HNArD

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 9996 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9996 0
0 66ms
62ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbvQokUV0Y7m8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAcgDAqoE_wFP0PT-AtmHjOXAbGhvfJUnTzA0calU44ggIfhhJl04fNeUjY8wp_lrydQBc7f5GKUg1h9pkEx2rwcnKJDn6bW-2VpoLCpZTEGUyEw3PtRW0ETVsBHewIov18Js38FkrOc17ML4RZ1tLY_r2ufkYd12MKB5v-DaU70oySrOhk6StxKMrOeb4rJmy8QyOhVXFbHa8sRY1s_6pLkBZ4IkdSnUkDmXJsrSReliNfZAxmde6w20nwDNGQzZ0-l9quCcKCqpOn0OKw5q3TINO7BHqXjfhGYBuvAsaAWJhCdI64f4dFeznrPboWDjKAbnBWYVSA53DBaoTKPViDz38EqPaDvgBAGABrmFkN37tMXPxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTgxNzA5NjY1MzgxNTI1NDMYkfNs&sigh=Tkkji7Jj0_Q&uach_m=[UACH]&cid=CAQSPADq26N9TMN0mQ1_RwqE7bRpSiA6-cnBKLWHA9N36lhMd92Es3EOkBPccZ9SHHzPudRh-drDiZe1rLGYbBgBIBM
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9996 0
0 30ms
27ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h8p6bcmpy92fvy03wk003bc42ed765rjme6cazwbt7b1p38y4zx9gdr0gaeyrqwzx34a7skrs6neg8tn66h6f45bndx4nje2m39qpgr7nk4hg31htyk6n1jtvmhkb6t6zrr3v0hb3sz6rss59hxd1jsvp6f7x2c5x1fa140hx7h8bctpe8ve8amcfmqbyahqg1bewf0hdh18rceta76pcw9tmewa12mb44pxnx315dwyx8anfps0hecbb7gne0gzyftrbwcsj84y5vs5dnvnky6vkwr0xzq856nfeg9w8ke7s7dc1gt4vtav1p86x1vnfr77wk7fjw01b3amrc29qbsb66r0ws8z73yxwd4czn0brnpz5b0jtm47kg9h9t9j6sre2vt&b=Y3RFkQAN3jkIEePZAA4bXulN9BeHVu_TGoZeGg
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Nov 2022 02:06:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 204 dai
as.ad4m.at/ad/ Frame 9996 0
0 36ms
33ms Fetch 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dai?ed=1gwzr02kjrf5xetf4jddy760zxjbyrramzt6nbc55p5p80xkzp6nvqddy50m5g68fe0wpyvcfh6pebppp26xtkt8kj6y7256rsdhha0dwscdmwj84q61g6ck18wwaxs62h7farq9vq0rts66zzws0rd7r4s333n0t5vjen1skt1bh136zb5vq0958pz266axj9s1c0zxmse3mkefjrx5fej6jp2nn7vzrqb22sfgfsey8624fp2mk5909k0h5tkkxvqsw

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 76acaa72dfff92bd-FRA
expires: 0

GET
H/1.1

200
OK

/ Show response
partner.blau.de/a/ Frame 9996
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONS...
https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319323X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtet...

49 B
387 B

192ms
42ms

Fetch
image/gif

78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319323X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 02:06:10 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319323X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
date: Wed, 16 Nov 2022 02:06:10 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9996 0
0 56ms
54ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWyb4kUV0Y7m8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE_wFP0PT-AtmHjOXAbGhvfJUnTzA0calU44ggIfhhJl04fNeUjY8wp_lrydQBc7f5GKUg1h9pkEx2rwcnKJDn6bW-2VpoLCpZTEGUyEw3PtRW0ETVsBHewIov18Js38FkrOc17ML4RZ1tLY_r2ufkYd12MKB5v-DaU70oySrOhk6StxKMrOeb4rJmy8QyOhVXFbHa8sRY1s_6pLkBZ4IkdSnUkDmXJsrSReliNfZAxmde6w20nwDNGQzZ0-l9quCcKCqpOn0OKw5q3TINO7BHqXjfhGYBuvAsaAWJhCdI64f4dFeznrPboWDjKAbnBWYVSA53DBaoTKPViDz38EqPaDvgBAGABrmFkN37tMXPxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTgxNzA5NjY1MzgxNTI1NDMYkfNs&sigh=usRo6e7jrXs&uach_m=[UACH]&cid=CAQSPADq26N9TMN0mQ1_RwqE7bRpSiA6-cnBKLWHA9N36lhMd92Es3EOkBPccZ9SHHzPudRh-drDiZe1rLGYbBgBIBM&vt=10
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 6E8750F05C8DCCAFD1C5BB688D8FE1C9702B98D11E9234F16838BE75150D09C6DC2E7A6036A8476E8DDDAD3FE345C6811055EBB8AC0E32309F70F1BAF95E0C4B
assets.ad4m.at/ Frame 9996 17 KB
18 KB 41ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/6E8750F05C8DCCAFD1C5BB688D8FE1C9702B98D11E9234F16838BE75150D09C6DC2E7A6036A8476E8DDDAD3FE345C6811055EBB8AC0E32309F70F1BAF95E0C4B
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97413a5a8027ce9bbe4e83a4db458516ff78d43be872c71873142c06498df6eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1920397
cf-polished: qual=85, origFmt=jpeg, origSize=48076
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17570
cf-bgj: imgq:85,h2pri
last-modified: Wed, 12 Feb 2020 14:13:31 GMT
server: cloudflare
etag: "63ea024dab5323405c9cb9e6a41128b3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSgejp7MB5XuutVbVTlhESFN%2BwL4kG818WjfmBWfrbSzyHz4V7FgGh%2FBLOImK8sRTA8wUWHQ9qjXJWRbDMDx%2F9qzaYxuerbMrWm7p1OQ%2BCNzN1q%2BjILbBLL7ePAnylGj%2F2cSjwFvj4oHlTj0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76acaa72f81b92bd-FRA
expires: Thu, 17 Nov 2022 02:06:10 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9996 15 KB
15 KB 49ms
16ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=pt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 455035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 19:42:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9996 16 KB
16 KB 52ms
19ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=pt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 482790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 11:59:40 GMT

GET
DATA 200
OK truncated
/ Frame C4B5 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C4B5 0
0 64ms
59ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcaQvkUV0Y7i8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAcgDAqoE-AFP0H-PNICkn1Y-nVcS8WAM41uzSQKAPf2IP-ExNzrFI0n1KlHqC7UW9O_Tn9vUfY2EPF6KETgdFPuK2DP6Qazr1vESzjp2WOIhoCobI3fSOMbBtW9iqqR9hos8UJgRxs2BejsDtK09OWKFRnG5hE80nGNxspDnt5DkxwUV_8QFCZcKeo-gLLbjchTj9AL32dPST95tWnHi1IW47vT5IoannoVtYmub9uSM9rlj9QHr2bRAL1CdZU4LAlj8qrh-qMviS-20b1h2rHA2UVIAQBd9zhbIQKGciiIH2zKK9oshDtt6PLJ7gfrhopIPwMPRJHyuKdka983RMeAEAYAGuYWQ3fu0xc_FAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTYwNDc0NDE4NjcyNzU1NzmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODE3MDk2NjUzODE1MjU0MxiR82w&sigh=eHrZOB37VrI&uach_m=[UACH]&cid=CAQSPADq26N9TMN0mQ1_RwqE7bRpSiA6-cnBKLWHA9N36lhMd92Es3EOkBPccZ9SHHzPudRh-drDiZe1rLGYbBgBIBM
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame C4B5 0
0 64ms
27ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kcjv2zdvytxpa571wrcf66wgycqbpk6r9gmat4ekcsth05qfq314r5mww3rd40wmfmj78hqyrm8b41p979c8p29g61dj19wbyppdj9zx7cqcw9rxz8skqfttyymp6f1qhm14hvqv5k6gt6q1z6mvs2mn7st2ypxpv5ymaf71fwnt88pyzh9bayabdmvjrtvm98yvt78fvmrapmekvex7adw73xngmsxese0ncgeek1pmdfbcmq6rceq5b2hcs8na7rkpb7a57jfesdf4bsn26krmehbs8g59khmyhmaxvw5zx60fv3s27xydtgqdjy53ha4f1yc2aq4s1rcxksz3ewwkgqm91qmjnea3zfqrpzj1pp79e6bmgcczapewzx9qn5h9y8h&b=Y3RFkQAN3jgIEePZAA4bXjl686TOumJ3irVyNA
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Nov 2022 02:06:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 204 dai
as.ad4m.at/ad/ Frame C4B5 0
0 62ms
41ms Fetch 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dai?ed=1jbb2c7hgd36yb6c2t598ve01k91fgda2fst5am5p2tzwk9914z6wm554vfgdret94ntq18mmf10th82pf7gem6rwszsdqpep2y0y6a3zcgp446bpxbefkw5d1cae1dqsqm25t08ge0m5ae0fk0gnz1rfsvgketjd1nsjs12ta2tdwccpfdvf0qd2djdr0wnvkczfq8rk3j6cbfhcmfb2aayq6xbem714jc0mgbd4cq8vbjxjkq6wscf2myr0hsv5cpwm

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 76acaa735eb79211-FRA
expires: 0

GET
H/1.1

200
OK

/ Show response
partner.blau.de/a/ Frame C4B5
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONS...
https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319321X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtet...

49 B
387 B

206ms
41ms

Fetch
image/gif

78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319321X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 02:06:10 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319321X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
date: Wed, 16 Nov 2022 02:06:10 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C4B5 0
0 59ms
56ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTpw2kUV0Y7i8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-AFP0H-PNICkn1Y-nVcS8WAM41uzSQKAPf2IP-ExNzrFI0n1KlHqC7UW9O_Tn9vUfY2EPF6KETgdFPuK2DP6Qazr1vESzjp2WOIhoCobI3fSOMbBtW9iqqR9hos8UJgRxs2BejsDtK09OWKFRnG5hE80nGNxspDnt5DkxwUV_8QFCZcKeo-gLLbjchTj9AL32dPST95tWnHi1IW47vT5IoannoVtYmub9uSM9rlj9QHr2bRAL1CdZU4LAlj8qrh-qMviS-20b1h2rHA2UVIAQBd9zhbIQKGciiIH2zKK9oshDtt6PLJ7gfrhopIPwMPRJHyuKdka983RMeAEAYAGuYWQ3fu0xc_FAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTYwNDc0NDE4NjcyNzU1NzmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODE3MDk2NjUzODE1MjU0MxiR82w&sigh=iVicGLqoe4Y&uach_m=[UACH]&cid=CAQSPADq26N9TMN0mQ1_RwqE7bRpSiA6-cnBKLWHA9N36lhMd92Es3EOkBPccZ9SHHzPudRh-drDiZe1rLGYbBgBIBM&vt=10
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 29BB 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 01:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7D22 1 KB
643 B 17ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 14:00:55 GMT
etag: 48472445140208031
expires: Wed, 16 Nov 2022 14:00:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F8A6 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F8A6 0
0 66ms
62ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxTpAkUV0Y7u8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAcgDAqoE9wFP0KhEnFF7T9VFHj9a19oX48LzZfJL-thkqb_wsvvnZH3cA7xambm20M6YTWtiJ1zdNJ1TMVZf3eVxe9JxWBUC2SdndLNhtW37tKF2hfSsHXPXcDGzuYNuWnzOHtoutFnToSZ8YbMfdKmQOQeeZYf7HlsdvAEAHE91-cbiuQ5xMihSFrhbEOfOdn03h9yfpRNAvCigVUhkFmKFYoAeyhezehRn8T2bQIbpub3wL0h8IAeS7lN2rD-VyEEKGGfEDv-ddmp0FaGJnvxi-Pw3tuYGO7K3DB-iFiLX1cIIrmrW-YlivOCqrpSptSbvwzeK9cl4usz9C9Yq4AQBgAa5hZDd-7TFz8UBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjA0NzQ0MTg2NzI3NTU3OYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MTcwOTY2NTM4MTUyNTQzGJHzbA&sigh=pmUakDYkUis&uach_m=[UACH]&cid=CAQSPADq26N9TMN0mQ1_RwqE7bRpSiA6-cnBKLWHA9N36lhMd92Es3EOkBPccZ9SHHzPudRh-drDiZe1rLGYbBgBIBM
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame F8A6 0
0 30ms
27ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g5wbg3x2d34xwbm0ekzhkfm9hz763ct67b0hxs84wk5hb6yqw69jyacjx5gtabq0vxqa003bdbkgy7qvdbfcskcsgjh9qqeffebwp8h6htbsb1fx8q7cq5nf4fv76cs1awj1m8eqddfqcgt8xcmhsmk5d848eyspsa5ht15n46cfbr9s6700qxnrckdxe24m2s4rwdx7vp1hc20pzx2pcx9f6nvyy2kntjh502e9kh2j03hmn8n5phv5w9ag4pfsrryhcevfqceqazdrawq3cx16sm8pb617xndcndnkx56tgqrdx3mb3btpnp3n0z0nrjvsr3hbgc1kymaxdzdksra3qqmd2ahzr94pp0k7v53vj9xq6ewssdxxjpf318xvdg1h4bt&b=Y3RFkQAN3jsIEePZAA4bXmEqBfXK7mwjrFTBmQ
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Nov 2022 02:06:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 204 dai
as.ad4m.at/ad/ Frame F8A6 0
0 32ms
29ms Fetch 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dai?ed=1gyyfcygw3y2averhj4dj9q0fzbwhwaacngzh7rq3dtabatefr7bk4vrx8xtqkk1qt9q400pe4m590jkhtt0d6e99n8p6md3j1zgb10659v8qj2n5ggdrjjratpb42k4qrbsr4hzzybsd3wykdf51386w2s6j6m8tfnyv0vf1yycxxdjwe8b24dr639a9fwanrps62tf8y89fvpybe2pbgqpvrannfkgnzcfg8gf3tmpv5pgswr6s18r8kq9fqsepxxac

Requested by

Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 76acaa737ec39211-FRA
expires: 0

GET
H/1.1

200
OK

/ Show response
partner.blau.de/a/ Frame F8A6
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONS...
https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=suitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319325X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtet...

49 B
387 B

192ms
41ms

Fetch
image/gif

78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319325X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 02:06:10 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022111603061078585319325X117667V1225131106MSsuitenatdcsingle_galaxyA51_stroer_pvoneidX5fGHKAargkS6HAtetqtPhQSMtQfgKoneid&gdpr_consent={{IAB_CONSENT_STRING}}&gdpr={{IAB_CONSENT_FLAG}}&cons=0
date: Wed, 16 Nov 2022 02:06:10 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F8A6 0
0 56ms
54ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtjR0kUV0Y7u8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE9wFP0KhEnFF7T9VFHj9a19oX48LzZfJL-thkqb_wsvvnZH3cA7xambm20M6YTWtiJ1zdNJ1TMVZf3eVxe9JxWBUC2SdndLNhtW37tKF2hfSsHXPXcDGzuYNuWnzOHtoutFnToSZ8YbMfdKmQOQeeZYf7HlsdvAEAHE91-cbiuQ5xMihSFrhbEOfOdn03h9yfpRNAvCigVUhkFmKFYoAeyhezehRn8T2bQIbpub3wL0h8IAeS7lN2rD-VyEEKGGfEDv-ddmp0FaGJnvxi-Pw3tuYGO7K3DB-iFiLX1cIIrmrW-YlivOCqrpSptSbvwzeK9cl4usz9C9Yq4AQBgAa5hZDd-7TFz8UBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjA0NzQ0MTg2NzI3NTU3OYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MTcwOTY2NTM4MTUyNTQzGJHzbA&sigh=1EnNNr7S0GA&uach_m=[UACH]&cid=CAQSPADq26N9TMN0mQ1_RwqE7bRpSiA6-cnBKLWHA9N36lhMd92Es3EOkBPccZ9SHHzPudRh-drDiZe1rLGYbBgBIBM&vt=10
Requested by: Host: controle.notisul.com.br
URL: https://controle.notisul.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C8D9 143 B
166 B 19ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 01:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 11B2 1 KB
643 B 18ms
17ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 14:00:55 GMT
etag: 48472445140208031
expires: Wed, 16 Nov 2022 14:00:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6E8750F05C8DCCAFD1C5BB688D8FE1C9702B98D11E9234F16838BE75150D09C6DC2E7A6036A8476E8DDDAD3FE345C6811055EBB8AC0E32309F70F1BAF95E0C4B
assets.ad4m.at/ Frame C4B5 17 KB
18 KB 32ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/6E8750F05C8DCCAFD1C5BB688D8FE1C9702B98D11E9234F16838BE75150D09C6DC2E7A6036A8476E8DDDAD3FE345C6811055EBB8AC0E32309F70F1BAF95E0C4B
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97413a5a8027ce9bbe4e83a4db458516ff78d43be872c71873142c06498df6eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1920397
cf-polished: qual=85, origFmt=jpeg, origSize=48076
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17570
cf-bgj: imgq:85,h2pri
last-modified: Wed, 12 Feb 2020 14:13:31 GMT
server: cloudflare
etag: "63ea024dab5323405c9cb9e6a41128b3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbkxTBtaxUJ%2FEzxME1A0vpCda8H2R1wekiNajk7dqI%2BA5iC8dR2Fix9CBEhlILGTyc3zblx4t%2BJg87U6gWfj37NT0%2B14EijoxM1ENi1XbbkN74tTt7Dr2cAz9lpA6bAcAVbAjjfnGaY2R9zG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76acaa739ee39211-FRA
expires: Thu, 17 Nov 2022 02:06:10 GMT

GET
DATA 200
OK truncated
/ Frame C4B5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cbb670cf417ab9d4a22b9da28548d6ff456c3f2f5187338968edfd0a7ec445a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C4B5 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=pt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 455035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 19:42:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C4B5 16 KB
16 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=pt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 482790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 11:59:40 GMT

GET
H3 200 6E8750F05C8DCCAFD1C5BB688D8FE1C9702B98D11E9234F16838BE75150D09C6DC2E7A6036A8476E8DDDAD3FE345C6811055EBB8AC0E32309F70F1BAF95E0C4B
assets.ad4m.at/ Frame F8A6 17 KB
18 KB 44ms
43ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/6E8750F05C8DCCAFD1C5BB688D8FE1C9702B98D11E9234F16838BE75150D09C6DC2E7A6036A8476E8DDDAD3FE345C6811055EBB8AC0E32309F70F1BAF95E0C4B
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97413a5a8027ce9bbe4e83a4db458516ff78d43be872c71873142c06498df6eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1920397
cf-polished: qual=85, origFmt=jpeg, origSize=48076
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17570
cf-bgj: imgq:85,h2pri
last-modified: Wed, 12 Feb 2020 14:13:31 GMT
server: cloudflare
etag: "63ea024dab5323405c9cb9e6a41128b3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvbtLm864PQhbVukTE8guRj%2FbkKwAI3zov02WztcyLvJ6proMgzdfqRO1lPsWvZBapT7WQsXW5Y7%2BcqFsA38C2ljoJ1SFoIip75w5CVvsTf0CaHNMDlxpZQkV5Pr57lwnlccuMFcavB%2B6hh2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76acaa739ee69211-FRA
expires: Thu, 17 Nov 2022 02:06:10 GMT

GET
DATA 200
OK truncated
/ Frame F8A6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94c859d3a92074c4618e4392687b10fd93855d76641ceefb16fc4cc5243fc0dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F8A6 15 KB
15 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=pt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 455035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 19:42:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F8A6 16 KB
16 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=pt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 482790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 11:59:40 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 0B41 89 KB
11 KB 30ms
29ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hz8kzabswngvt943v2k4wmtxv0xykb6yseszygxps3vrm9vdcng7j2x1zjdthm6sxjqtj30t8nsj0t4rc5ktg77d30dj79m5bf9ttghz12zqe14anc8yw85bsk9xcbsknw50bx5b2ewn25v1qshzkqtff1yg3n38ke118th64sw75czmt6gtqfw77ysw9gamyznrvqj88fgkt3es0x9d163p5wera7ca2hhty0en2tfa5ckz53y2t3vcmxg3a23qvyf5z19dayqebw6jstptbwgbaq7kmjeyr1gsfjv98929t7z35tr6qhcgkkxd3kdcv34mt5zzs9c5c6vp2ecvj8fpefkpb40m9p1gm4s7p03wrsd2vhfw2f6bs4fnctrrqary63zpzkbgqqq611b0ba2faprh4062cbp062ch88009gs4w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%26client%3Dca-pub-8170966538152543%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hz8kzabswngvt943v2k4wmtxv0xykb6yseszygxps3vrm9vdcng7j2x1zjdthm6sxjqtj30t8nsj0t4rc5ktg77d30dj79m5bf9ttghz12zqe14anc8yw85bsk9xcbsknw50bx5b2ewn25v1qshzkqtff1yg3n38ke118th64sw75czmt6gtqfw77ysw9gamyznrvqj88fgkt3es0x9d163p5wera7ca2hhty0en2tfa5ckz53y2t3vcmxg3a23qvyf5z19dayqebw6jstptbwgbaq7kmjeyr1gsfjv98929t7z35tr6qhcgkkxd3kdcv34mt5zzs9c5c6vp2ecvj8fpefkpb40m9p1gm4s7p03wrsd2vhfw2f6bs4fnctrrqary63zpzkbgqqq611b0ba2faprh4062cbp062ch88009gs4w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%26client%3Dca-pub-8170966538152543%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 1154429
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76acaa73df1c9211-FRA
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0B41 36 KB
12 KB 35ms
25ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hz8kzabswngvt943v2k4wmtxv0xykb6yseszygxps3vrm9vdcng7j2x1zjdthm6sxjqtj30t8nsj0t4rc5ktg77d30dj79m5bf9ttghz12zqe14anc8yw85bsk9xcbsknw50bx5b2ewn25v1qshzkqtff1yg3n38ke118th64sw75czmt6gtqfw77ysw9gamyznrvqj88fgkt3es0x9d163p5wera7ca2hhty0en2tfa5ckz53y2t3vcmxg3a23qvyf5z19dayqebw6jstptbwgbaq7kmjeyr1gsfjv98929t7z35tr6qhcgkkxd3kdcv34mt5zzs9c5c6vp2ecvj8fpefkpb40m9p1gm4s7p03wrsd2vhfw2f6bs4fnctrrqary63zpzkbgqqq611b0ba2faprh4062cbp062ch88009gs4w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55565
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBtXfUbGKdMKwxH41ryzJX3ZugEkwHRK4zJt56G6tw%2FHrl67aoJSBsfH%2B6lyhN5wLttA%2B4k4cFgTusxk%2FN8Tw1cU%2FbCNw43frx8dzv0mo1DqQwYpzhOX4vPvLFl7sQ0LBmbZF0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 76acaa73e8cd92bd-FRA
expires: Tue, 08 Nov 2022 10:40:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2E58 143 B
166 B 17ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 01:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9B2F 1 KB
643 B 17ms
17ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 14:00:55 GMT
etag: 48472445140208031
expires: Wed, 16 Nov 2022 14:00:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9996 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e54d4ad9e08ac47dccd401ce0ee85aa33b9dfe29a4179a5124bf34a0181a9732

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7D22
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEECBo_NFwTX_8nPyer1Ux0o&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEECBo_NFwTX_8nPyer1Ux0o&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZEpzWlpnbU4xT1Y3T3k1&google_gid=CAESEECBo_NFwTX_8nPyer1Ux0o&google_cver=1&google_push=ASkJ3FZYF8ciw6nViXp_a9KL-PqP_ZveceY4l6P9ig4whpi...

170 B
188 B

28ms
28ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZEpzWlpnbU4xT1Y3T3k1&google_gid=CAESEECBo_NFwTX_8nPyer1Ux0o&google_cver=1&google_push=ASkJ3FZYF8ciw6nViXp_a9KL-PqP_ZveceY4l6P9ig4whpiok4ls6npumZR8W0pld1IaiM2b_AYZUmzz5SzWhBkiWA5UniedgzL0

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:10 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-001aff4bca77297e8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZEpzWlpnbU4xT1Y3T3k1&google_gid=CAESEECBo_NFwTX_8nPyer1Ux0o&google_cver=1&google_push=ASkJ3FZYF8ciw6nViXp_a9KL-PqP_ZveceY4l6P9ig4whpiok4ls6npumZR8W0pld1IaiM2b_AYZUmzz5SzWhBkiWA5UniedgzL0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7D22
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOuWnXYWcqbW-JcNLSMgUu8&google_cver=1&google_push=ASkJ3FYgVNbQwd9nwfyxrnVDo5u6BoxQz_Jd4MizB4lMbjplUY8xHT8lA1IY7tTq7w9IZhRulUkclxXKski6PGRRN4SR...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYgVNbQwd9nwfyxrnVDo5u6BoxQz_Jd4MizB4lMbjplUY8xHT8lA1IY7tTq7w9IZhRulUkclxXKski6PGRRN4SRwKzjBhQT&google_hm=uOcQBv9sT7G7Spgccr49KQ==

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYgVNbQwd9nwfyxrnVDo5u6BoxQz_Jd4MizB4lMbjplUY8xHT8lA1IY7tTq7w9IZhRulUkclxXKski6PGRRN4SRwKzjBhQT&google_hm=uOcQBv9sT7G7Spgccr49KQ==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYgVNbQwd9nwfyxrnVDo5u6BoxQz_Jd4MizB4lMbjplUY8xHT8lA1IY7tTq7w9IZhRulUkclxXKski6PGRRN4SRwKzjBhQT&google_hm=uOcQBv9sT7G7Spgccr49KQ==
date: Wed, 16 Nov 2022 02:06:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7D22
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEC6K7gmFaId2ThTlD-YBKwY&google_cver=1&google_push=ASkJ3FanatAo7j-HxrzWuI8kAhsFYFAqotNu3xol50yhygzBe6-P0odzWSfgElz2LTgFLb_dVJsVuNazTnlKpHz7Y0cj-7I...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEC6K7gmFaId2ThTlD-YBKwY&google_cver=1&google_push=ASkJ3FanatAo7j-HxrzWuI8kAhsFYFAqotNu3xol50yhygzBe6-P0odzWSfgElz2LTgFLb_dVJsVuNazTnlKpHz7Y0cj-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FanatAo7j-HxrzWuI8kAhsFYFAqotNu3xol50yhygzBe6-P0odzWSfgElz2LTgFLb_dVJsVuNazTnlKpHz7Y0cj-7IZe3G3

170 B
188 B

27ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FanatAo7j-HxrzWuI8kAhsFYFAqotNu3xol50yhygzBe6-P0odzWSfgElz2LTgFLb_dVJsVuNazTnlKpHz7Y0cj-7IZe3G3

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FanatAo7j-HxrzWuI8kAhsFYFAqotNu3xol50yhygzBe6-P0odzWSfgElz2LTgFLb_dVJsVuNazTnlKpHz7Y0cj-7IZe3G3
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7D22
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMvmr1d7GOPUT_sLSwTWUIw&google_cver=1&google_push=ASkJ3FYkx636e7q6CsAy-6OklJPYPqM-UDbFnnVdJy8RLzuwXvtZXqZh_FacJE85TGw-g_zesD2qQpEt...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMvmr1d7GOPUT_sLSwTWUIw&google_cver=1&google_push=ASkJ3FYkx636e7q6CsAy-6OklJPYPqM-UDbFnnVdJy8RLzuwXvtZXqZh_FacJE85TGw-g_zesD2...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg4NDE2Mzg0ODAwNTQzMjMw&google_push=ASkJ3FYkx636e7q6CsAy-6OklJPYPqM-UDbFnnVdJy8RLzuwXvtZXqZh_FacJE85TGw-g_zesD2qQpEt...

170 B
188 B

27ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg4NDE2Mzg0ODAwNTQzMjMw&google_push=ASkJ3FYkx636e7q6CsAy-6OklJPYPqM-UDbFnnVdJy8RLzuwXvtZXqZh_FacJE85TGw-g_zesD2qQpEtCYn-Tm-bwo5WLmaSNrhR

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg4NDE2Mzg0ODAwNTQzMjMw&google_push=ASkJ3FYkx636e7q6CsAy-6OklJPYPqM-UDbFnnVdJy8RLzuwXvtZXqZh_FacJE85TGw-g_zesD2qQpEtCYn-Tm-bwo5WLmaSNrhR
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 200 dds
rtb.openx.net/sync/ Frame 7D22 43 B
64 B 43ms
24ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG0ScaZEjFSEDD1BqcMKc7E&google_cver=1&google_push=ASkJ3FavUp_84zLOKt-ldp353R9CWsVIeis_VtccfM1F0tH6BFcrGztVgJW4E-quOZdJkPq0lm7cC1qWjfafzcYJ4RQoOa_Zh2W8
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 00185aste3bhtu9n268fuerkc0k1i9rn

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 7D22 42 B
233 B 308ms
96ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEEChsREkbhDjGCroLuSOb3Y&google_cver=1&google_push=ASkJ3FY4XIFaHPp_Wjtno27RGxJ5rUmMyagBOCfDNYeqnxMmoDpugMLGi8yaXpu92QBE_zKkGj76OcwLII_z3FGHptuPcLGxBGr9Ow
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:10 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7D22
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAmaspLaj0gTrYt9gbb0z6M&google_cver=1&google_push=ASkJ3Fac41dbNPxR1...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEAmaspLaj0gTrYt9gbb0z6M%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY5NjMyNDU0NTY2OTgwOTQzMA%3D%3D&google_gid=CAESEAmaspLaj0gTrYt9gbb0z6M&google_cver=1&google_push=ASkJ3Fac41dbNPxR1t8HjMIw0j18g1eT26...

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY5NjMyNDU0NTY2OTgwOTQzMA%3D%3D&google_gid=CAESEAmaspLaj0gTrYt9gbb0z6M&google_cver=1&google_push=ASkJ3Fac41dbNPxR1t8HjMIw0j18g1eT267SbNHjH3UVfQCy7VRpOzgGz9995EvoR2j8v71XEUZgUymP00zcNaKETXv1lx48UZRx

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:10 GMT
AN-X-Request-Uuid: 532bd983-6473-4507-8177-9c38426c908c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY5NjMyNDU0NTY2OTgwOTQzMA%3D%3D&google_gid=CAESEAmaspLaj0gTrYt9gbb0z6M&google_cver=1&google_push=ASkJ3Fac41dbNPxR1t8HjMIw0j18g1eT267SbNHjH3UVfQCy7VRpOzgGz9995EvoR2j8v71XEUZgUymP00zcNaKETXv1lx48UZRx
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7D22 0
12 B 25ms
23ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13La9SDNF4XWZKb5h5sG1MRncFSAUqLM1H1Il-sVclPL8qFI9mQwngk8DGerDsJ8kKTt-5UATAI

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11B2
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOVQcw5LCFxY9C1JD3sxd2g&google_cver=1&google_push=ASkJ3FYiLy1cY_eqLFC9jljAoqkoNn-15rk4kqBblmE3ZWlyVOpJWGShe-SWPlzSzE5NMS0KZT09_...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3FYiLy1cY_eqLFC9jljAoqkoNn-15rk4kqBblmE3ZWlyVOpJWGShe-SWPlzSzE5NMS0KZT09_-Zo50JkODq9hYZEIcFBDE5G

170 B
188 B

27ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3FYiLy1cY_eqLFC9jljAoqkoNn-15rk4kqBblmE3ZWlyVOpJWGShe-SWPlzSzE5NMS0KZT09_-Zo50JkODq9hYZEIcFBDE5G

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Nov 2022 02:06:10 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6B43D90A290D493CB9A0FBB28C752486 Ref B: FRAEDGE2021 Ref C: 2022-11-16T02:06:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3FYiLy1cY_eqLFC9jljAoqkoNn-15rk4kqBblmE3ZWlyVOpJWGShe-SWPlzSzE5NMS0KZT09_-Zo50JkODq9hYZEIcFBDE5G
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtjOqcxMWFQZmQGO6pUw==

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 11B2 70 B
265 B 158ms
40ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH5h_faL7ngUm89AZTuZcFw&google_cver=1&google_push=ASkJ3FYWEvKTYOJhzXahhzc2OC1i40_mxB0SNNgamKhcwQRtDnSyJDDP8IAxUMzpXP2qJ88kWWyCLuR8EuBE6G0W81h9SblmRa5H
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 11B2 0
191 B 167ms
39ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDxi5Xa_5oDsT5PuWlPWuIc&google_cver=1&google_push=ASkJ3FYdNPp8al7-Au7gzQERIeMpWW9K-RnXahMt3oqZK4zsyoWK4iDcZYFfVG_uLoC9j46wwaQn371wWAzF1D_mvj5rtPhTMVo
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11B2
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEEeJiwZPXHFCh5D2twLYnTY&c_param1=ASkJ3FaIBfBrLLyQAsfLzrmL2Wl26D5_nHqOV9jlL64o4MXtu0XFakhqNdNZtowWVI_WQh8HiWHLb5uzigA98rvTU1DnqUoKa8o3&gdpr=%%GDPR%%&...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FaIBfBrLLyQAsfLzrmL2Wl26D5_nHqOV9jlL64o4MXtu0XFakhqNdNZtowWVI_WQh8HiWHLb5uzigA98rvTU1DnqUoKa8o3

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FaIBfBrLLyQAsfLzrmL2Wl26D5_nHqOV9jlL64o4MXtu0XFakhqNdNZtowWVI_WQh8HiWHLb5uzigA98rvTU1DnqUoKa8o3

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FaIBfBrLLyQAsfLzrmL2Wl26D5_nHqOV9jlL64o4MXtu0XFakhqNdNZtowWVI_WQh8HiWHLb5uzigA98rvTU1DnqUoKa8o3
date: Wed, 16 Nov 2022 02:06:10 GMT
server: nginx/1.19.0
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11B2
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEPStSrBLfSFAvFdBTJIpyOI&google_cver=1&google_push=ASkJ3FYKstO4SaaK7yUsZsS8RYMAb3l6AIGYQw9ZuwaYhkxaGZG4kmsKhD0u3OC-vdPTWZV5gn7wAKaNTcUZhwBdRS7lCNIG_rOl
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYKstO4SaaK7yUsZsS8RYMAb3l6AIGYQw9ZuwaYhkxaGZG4kmsKhD0u3OC-vdPTWZV5gn7wAKaNTcUZhwBdRS7lCNIG_rOl&google_hm=ZzQ5YTBkODBhNzBhOWQ2...

170 B
188 B

29ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYKstO4SaaK7yUsZsS8RYMAb3l6AIGYQw9ZuwaYhkxaGZG4kmsKhD0u3OC-vdPTWZV5gn7wAKaNTcUZhwBdRS7lCNIG_rOl&google_hm=ZzQ5YTBkODBhNzBhOWQ2MDljNmQ=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYKstO4SaaK7yUsZsS8RYMAb3l6AIGYQw9ZuwaYhkxaGZG4kmsKhD0u3OC-vdPTWZV5gn7wAKaNTcUZhwBdRS7lCNIG_rOl&google_hm=ZzQ5YTBkODBhNzBhOWQ2MDljNmQ=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 11B2 42 B
233 B 298ms
97ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEEChsREkbhDjGCroLuSOb3Y&google_cver=1&google_push=ASkJ3FbT8aKtzvR8mpRc_hmEqGZJyuFg6yUfOmpcnxbwOGzJGI1VE0tjy3fvHlMBAY1Zz07TpdzTpc6sRgu3PaWFaUCTKT96mz5Z
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:10 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 11B2
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEPBk4WiuEIWWwtgbGQBixHM?ext-param=ASkJ3FaSn5Vlj7FTrXF1O7WUYU6wM-MY4E8sqOweagwx-75gOSogZEn6KLl52vWY8tqfVbAdyR-RCmMhs7MuVp1MiEuRp1UjDp-fqw&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEPBk4WiuEIWWwtgbGQBixHM?redir-setuniq=1&ext-param=ASkJ3FaSn5Vlj7FTrXF1O7WUYU6wM-MY4E8sqOweagwx-75gOSogZEn6KLl52vWY8tqfVbAdyR-RCmMhs7MuVp1MiEuRp1UjDp-fqw&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPBk4WiuEIWWwtgbGQBixHM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
168 B

67ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 01 Nov 2023 02:06:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 11B2 0
12 B 24ms
23ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKM8CRbMYxaxL0YY6TIp-PYif24l4KTEJu-jDteBJMS5z7sxzDGa2pM9Gy-YrY96mPZHQ7LKg

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 29BB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:10 GMT
expires: Wed, 16 Nov 2022 02:06:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C8D9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
31ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:10 GMT
expires: Wed, 16 Nov 2022 02:06:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0B41 3 KB
4 KB 155ms
41ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25468652
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glJC2kkqwPSp86PY7m20F%2F81nAG8%2B%2BLutGnlYl%2Fa01hwoeB%2FKpWPXGHDK7tLRj5OZ9WsUYZnl%2FPh2WGJkYus6%2Frbw4T59P9pLxgQuKS6IYcBqoeE%2Fg2VzYE38X6hH17Nq1m93QMcsvB%2F%2BNNHMaMF4eSK"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 76acaa759f4d6946-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B2F
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFD3Zlu8TGrfmoEPksrh1dY&google_cver=1&google_push=ASkJ3Fa7POCr_yMaWQKBvQ774AQgehwJugdRbR8gSREmvUCNxDhk-hFn-Z972xTvKFOosr5TPI0X5jUhwxI56...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFD3Zlu8TGrfmoEPksrh1dY&google_push=ASkJ3Fa7POCr_yMaWQKBvQ774AQgehwJugdRbR8gSREmvUCNxDhk-hFn-Z972xTvKFOosr5TPI0X5jUhwxI56...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3Fa7POCr_yMaWQKBvQ774AQgehwJugdRbR8gSREmvUCNxDhk-hFn-Z972xTvKFOosr5TPI0X5jUhwxI56RPtdlXxtJl-YRKtIg&google_hm=NEdQc0RHdnV2bzdoMG...

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3Fa7POCr_yMaWQKBvQ774AQgehwJugdRbR8gSREmvUCNxDhk-hFn-Z972xTvKFOosr5TPI0X5jUhwxI56RPtdlXxtJl-YRKtIg&google_hm=NEdQc0RHdnV2bzdoMGwwRzlqTHc=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:11 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3Fa7POCr_yMaWQKBvQ774AQgehwJugdRbR8gSREmvUCNxDhk-hFn-Z972xTvKFOosr5TPI0X5jUhwxI56RPtdlXxtJl-YRKtIg&google_hm=NEdQc0RHdnV2bzdoMGwwRzlqTHc=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 9B2F 42 B
233 B 301ms
97ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESENsrn1ddF7J9v9bHIxJkY8g&google_cver=1&google_push=ASkJ3FYmvvRb_cubnXGZrq2f03k0K9Yured72tZbUs6yX0Bm6AIxMKyZ-5dfQV9ywG20WKX-Lx_ZgTDblPm0fWojZkE66fOKlS-cbg
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:10 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 9B2F 0
498 B 472ms
114ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DASkJ3Fb3ToV9OCYGX3R3SkBdPgb8awnjQWAyhR4YR9YSwJhJvbOJiLdi-rMrMeqwc8ZODEtcloFYgP-a4o45HkEXnmBesB4TjONp%26google_hm%3D%5BUID%5D&google_gid=CAESENihy2LlfUkD0Wa4lTsPdeE&google_cver=1

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-34
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B2F
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESED9tSeTH0S6Wz-kXukKf7us&google_cver=1&google_push=ASkJ3FZBGQ8Xmh401qAQhFODXdkr2rkDjkkUtA7VObynX7RXQmEB9Hk2ZfaT-yFdXDVQk9KMEVhkc...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZBGQ8Xmh401qAQhFODXdkr2rkDjkkUtA7VObynX7RXQmEB9Hk2ZfaT-yFdXDVQk9KMEVhkci2j3KRmp_N0ReLltoBoHbsZ&google_hm=WTNSRms4Q28...

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZBGQ8Xmh401qAQhFODXdkr2rkDjkkUtA7VObynX7RXQmEB9Hk2ZfaT-yFdXDVQk9KMEVhkci2j3KRmp_N0ReLltoBoHbsZ&google_hm=WTNSRms4Q284WGdBQVBhNi1vOEFBQUFB

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 37
Date: Wed, 16 Nov 2022 02:06:11 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESED9tSeTH0S6Wz-kXukKf7us&google_push=ASkJ3FZBGQ8Xmh401qAQhFODXdkr2rkDjkkUtA7VObynX7RXQmEB9Hk2ZfaT-yFdXDVQk9KMEVhkci2j3KRmp_N0ReLltoBoHbsZ&proto=google_ebda","cluster_id":37,"gdpr":true,"ipv4":"0.0.0.0","key":"Y3RFk8Co8XgAAPa6-o8AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad6"}
X-SO-Key: Y3RFk8Co8XgAAPa6-o8AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad6
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZBGQ8Xmh401qAQhFODXdkr2rkDjkkUtA7VObynX7RXQmEB9Hk2ZfaT-yFdXDVQk9KMEVhkci2j3KRmp_N0ReLltoBoHbsZ&google_hm=WTNSRms4Q284WGdBQVBhNi1vOEFBQUFB
Cache-Control: private
X-SO-HostName: m-ad6.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 0
X-SO-LB-Hostname: m-tgng20.dc4p.scaleout.jp
X-SO-IP: 193.27.14.36

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 9B2F 0
35 B 136ms
19ms Image
text/plain 18.159.205.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENFeiybiYXue-K7_2OF-eAI&google_cver=1&google_push=ASkJ3FZ4ZSrT2t3xtGu9dCxFIwvAPBLE9PxWTL7z8Pahz01_gKyBcGf0_cW2QzkhisOW7cs6an5Uvq7-fAJAdbgWAoY6HGK9PlZ22DQ
Requested by: Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.205.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-205-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B2F
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEKOfp4VFy16VBXNZ-Qcwa4c&google_cver=1&google_push=ASkJ3FZmpfTb2arIEuKyHU9nGQIZcKyenqArAXdJ-Dw3-TNJ2fNDKSCnFruUJl7Z7lHpVpthb4mf7KpoSb-TYfulhCCQXKi...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3FZmpfTb2arIEuKyHU9nGQIZcKyenqArAXdJ-Dw3-TNJ2fNDKSCnFruUJl7Z7lHpVpthb4mf7KpoSb-TYfulhCCQXKimvhqj1g&google_hm=NzI4MTM3O...

170 B
188 B

26ms
25ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3FZmpfTb2arIEuKyHU9nGQIZcKyenqArAXdJ-Dw3-TNJ2fNDKSCnFruUJl7Z7lHpVpthb4mf7KpoSb-TYfulhCCQXKimvhqj1g&google_hm=NzI4MTM3ODIwMjQ0ODc2MTMxNg==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3FZmpfTb2arIEuKyHU9nGQIZcKyenqArAXdJ-Dw3-TNJ2fNDKSCnFruUJl7Z7lHpVpthb4mf7KpoSb-TYfulhCCQXKimvhqj1g&google_hm=NzI4MTM3ODIwMjQ0ODc2MTMxNg==
Date: Wed, 16 Nov 2022 02:06:10 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 9B2F
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEPBk4WiuEIWWwtgbGQBixHM?ext-param=ASkJ3FaIQQF2FYU0ynJLyIaPBzAnkXjFAlUOubcyhokNbWuZZvpHFEBIkBX5llEafhIkbsbuRDfMsl_NCFljv_thykqca5vXrimGY8I&partner-tag=yandex_a...
https://an.yandex.ru/mapuid/google/CAESEPBk4WiuEIWWwtgbGQBixHM?redir-setuniq=1&ext-param=ASkJ3FaIQQF2FYU0ynJLyIaPBzAnkXjFAlUOubcyhokNbWuZZvpHFEBIkBX5llEafhIkbsbuRDfMsl_NCFljv_thykqca5vXrimGY8I&part...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPBk4WiuEIWWwtgbGQBixHM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

67ms
67ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 01 Nov 2023 02:06:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9B2F 0
12 B 25ms
24ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iy0bH4T7dIckdI2NpoDieOqm74m4axB7-TWNkR2w3HWeEAQSM6ZUQi8_9jKXxiGqXICZXI4VpA

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2E58
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
41ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
URL: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:10 GMT
expires: Wed, 16 Nov 2022 02:06:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame 9B69 2 KB
1 KB 24ms
24ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1511694
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 76acaa7578659211-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 02:06:10 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EF1Dnc3qNTbuQBBAOYkTPGgyxxul7mD1exMEr0ARLqQDccsnAE4oI8u0b%2Bm%2F9eYqudX5lDA3eKQ5sy%2BSpQss7ZMzibi8YuJ9%2FVSLARD%2BhbV0cEmJS7g992qRmgIzykvTqjlLNPk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 0B41 2 KB
2 KB 42ms
41ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dbd69865463b5447c0eb1cab89cf4960d607c0a9fc4a1617b66c6d4ffecd4dd

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOXSH4yHxXGAWjLFLbph9K3NczzzKEj6NjBogNvPpiYOyuVN3yEhW9NEgwfabqOTRlUUPg8Lssp0E8qsw%2Fr8ms0e%2FpLKo46xykEiplEdSRLaoc%2BMAqVPS9kRUj%2BKj1uwhrnsf%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 76acaa7628ab9b2b-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 58ms
34ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76acaa75e8649b2b-FRA
content-length: 24
content-type: text/plain
date: Wed, 16 Nov 2022 02:06:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPsj77cs4yW584KwosDF031Zu%2FQuKJQE03hHtIo1DnLIxClfh9oSH1NjCwwrAWuxY9ulK%2BMlQmenEc0I1CSCdhr3CQvY00dRbwsSUFNKXIEz5oXs1xHRHBmBK51BewTkQMU4bSs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 3CD0 13 KB
5 KB 29ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0572d3b87cb4f708f93efc2385baf6cacf1e930a1e2141a447932df1dee8ab3b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hz8kzabswngvt943v2k4wmtxv0xykb6yseszygxps3vrm9vdcng7j2x1zjdthm6sxjqtj30t8nsj0t4rc5ktg77d30dj79m5bf9ttghz12zqe14anc8yw85bsk9xcbsknw50bx5b2ewn25v1qshzkqtff1yg3n38ke118th64sw75czmt6gtqfw77ysw9gamyznrvqj88fgkt3es0x9d163p5wera7ca2hhty0en2tfa5ckz53y2t3vcmxg3a23qvyf5z19dayqebw6jstptbwgbaq7kmjeyr1gsfjv98929t7z35tr6qhcgkkxd3kdcv34mt5zzs9c5c6vp2ecvj8fpefkpb40m9p1gm4s7p03wrsd2vhfw2f6bs4fnctrrqary63zpzkbgqqq611b0ba2faprh4062cbp062ch88009gs4w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%26client%3Dca-pub-8170966538152543%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76acaa7669569211-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 02:06:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 3CD0 89 KB
11 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 1154429
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76acaa76a9779211-FRA
expires: 0

GET
H3 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 3CD0 8 KB
9 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1920726
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwP7WjnCmoHvLHxwYbeHSwqHxZ3C2qV4L3xDALylrONsw%2F37moCuruTgTQkAtMJM%2FmEUlvs1uEQ0%2BLlkic2tTTTEgsr2A6IzE3GirX5GiBzxQ9tuxFpSooDEVyNq0GiyAUs1lVLIjFNo7hWy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76acaa76a9789211-FRA
expires: Thu, 17 Nov 2022 02:06:10 GMT

GET
H3 200 96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame 3CD0 43 KB
44 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2365483
cf-polished: qual=85, origFmt=jpeg, origSize=72345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44118
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Jun 2022 09:41:24 GMT
server: cloudflare
etag: "ed6f7b3b1b04cd5f78cf354be09c981b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDjd9e2wqB%2B4XI%2FCV37gpPMnoHgBknpaL3YnpET7JhLr8vy%2FHHGcERd9K%2B6Y%2F65nO6es%2Bx8DhiMo2QRXas%2BvxLeyUxJnL3g3hDwye3BACJxzXdE96VMmqaq4nsx6naZIdLgMwDsY655jNGyd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76acaa76a9799211-FRA
expires: Thu, 17 Nov 2022 02:06:10 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 3CD0
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPTR_NTOsfsCFXGH_QcdKJwLvA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidQM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQroneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668564371_3dd6ed60-6553-11ed-89a3-223851067267

0
517 B

234ms
30ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668564371_3dd6ed60-6553-11ed-89a3-223851067267
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:11 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Wed, 16 Nov 2022 02:06:11 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668564371_3dd6ed60-6553-11ed-89a3-223851067267
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 3CD0 127 KB
128 KB 71ms
69ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 460832
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130162
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwPxLxcW5qPDsOhJUaQ4t3pbaxmF%2BOEuUFdwZzrAAhS8S7nTrWQg2dXLanZKUYhOqK%2FEILj93v3wMaSedALxsE8mvFte9Hyve1Hu%2BapchdpuM9yMFq0VzwzH4nzUqFVr5PfkKjTF1DIMve7j"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76acaa76a97c9211-FRA
expires: Thu, 17 Nov 2022 02:06:10 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 3CD0 461 KB
461 KB 74ms
73ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 863495
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJbTsJw6uhufWlPyT28befU9LDVcGMSygf6eXXbe16OXvZjjfO4CH%2BQi5u1nkRWTFEXNdIAomV%2BWgNCXC5ZT6WD3tmijgoT9%2FvPLtjFcfQ4IHcH1l7HYxhKSDqTVjJxxIToNZ5EvkFFL4ke6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76acaa76a97d9211-FRA
expires: Thu, 17 Nov 2022 02:06:10 GMT

GET
H3 200 F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
assets.ad4m.at/logo/ Frame 3CD0 3 KB
4 KB 41ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444637
cf-polished: origFmt=png, origSize=11554
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3224
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 07:30:35 GMT
server: cloudflare
etag: "1ca6a79380ae53c080c2e12b38bdb5eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FezAaFLcAVZZWZJYqYyYZ8NTcJB%2FnJSxqh%2BKlDIH2%2BjEVv%2FFDJPh7b%2F3D19ROYOQyMyebtMH%2F9FQkzTx45K9ZCrkCG%2B3qxbNO0DTVwdOkPGjVZye8KeS9HXqBKTPq%2B%2FVsbLvKvU%2FrmOMlNkq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76acaa76a97e9211-FRA
expires: Thu, 17 Nov 2022 02:06:10 GMT

GET
H3 200 43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
assets.ad4m.at/product_image/ Frame 3CD0 296 KB
296 KB 42ms
41ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 462934
cf-polished: origFmt=png, origSize=466926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302728
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 12:39:43 GMT
server: cloudflare
etag: "45f5fed59fc1f13fbebb41146459eb81"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJrvV%2FBho05Kyf7IAH3nWSqzhJTYWt9UQAmdfLwtUeLv3eHjNrnlwKiC02CmtHjC%2FM%2FloxN8oeZJKCjMWS75lyuaQPv5AdnclNNWprTLxk365zFXwMvd9YjTse2RlovmCH8fIDjpyG1Jt0X2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76acaa76a97f9211-FRA
expires: Thu, 17 Nov 2022 02:06:10 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 3CD0 1 KB
2 KB 149ms
69ms Script
text/html 13.41.138.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gs3vxn204nyxsfvp8478ns94mmaehhpcz8h3jfnwqrxy7jyqs5ppfb5csm1jrh8y0ymraa318vt3nvc16d9s178sr9msatxt5raxpn9nzp21rbw2d4y1mm4fsackdv6cz4b48y8ysrhthk7ja8yvs8rbc2430csg58g9bnmf083ygr1qsyx0wapxhcvwckdzj64ye93cs6xhdg62gpnad2j3jkrddt9jzwxagdg7ahjyccq2bfaxfj7qk5f3q7bjm9g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.138.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-138-109.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e0252f49bcf52a3b3509c218f2c0880eaceb1873efe1a5bc7b9a911ffc994082

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:11 GMT
last-modified: Wed, 16 Nov 2022 02:06:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 16 Nov 2022 02:07:11 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 3CD0 2 KB
2 KB 148ms
68ms Script
text/html 13.41.138.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g36p6mcxfkdw576h3d6b3wz5hm1dhxc7t5775r1tx3ctxsedqwgf4771f9hc3br3kmkjdcs4xf0p6kjcd5sppdcwt18setsb6shds8pwhvskgpqsaqzpgzvvw6wa9pzk5g8grspb1d3r4nwzf6qz17c8g180sbz5344b09mzwasja1czavmnreneefw19epddnqryta54jh1wvzagfg2wdgbzewzqnjjk6qxe3zg5es9p40kfc48ps7a9j5zzef0rrh2%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&clickref=oneidRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYAoneid__suite_Netmix_Reach14_AKTION&viewref=oneidq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEzoneid__suite_Netmix_Reach14_AKTION
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.138.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-138-109.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f0ece693fae75aee1acb9bb8b41a9205ab304494a793aaa30b20436b2ec33f84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:11 GMT
last-modified: Wed, 16 Nov 2022 02:06:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 16 Nov 2022 02:07:11 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3CD0 85 KB
31 KB 71ms
18ms Script
application/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gs3vxn204nyxsfvp8478ns94mmaehhpcz8h3jfnwqrxy7jyqs5ppfb5csm1jrh8y0ymraa318vt3nvc16d9s178sr9msatxt5raxpn9nzp21rbw2d4y1mm4fsackdv6cz4b48y8ysrhthk7ja8yvs8rbc2430csg58g9bnmf083ygr1qsyx0wapxhcvwckdzj64ye93cs6xhdg62gpnad2j3jkrddt9jzwxagdg7ahjyccq2bfaxfj7qk5f3q7bjm9g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 18:52:38 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 26014
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: R11B9BzE5KucYM4j5SIhcgcdIAuVnrRGRPh-SRG2tphpVUEtaUK4kQ==

GET
H2 200 link.html
track.webgains.com/ Frame 3CD0 48 KB
49 KB 87ms
87ms Image
image/gif 13.41.138.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.138.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-138-109.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:11 GMT
last-modified: Wed, 16 Nov 2022 02:06:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 16 Nov 2022 02:07:11 GMT

GET
H2 200 1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif
cdn.track.production.webgains.team/295140/ Frame 3CD0 19 KB
19 KB 62ms
18ms Image
image/gif 18.66.147.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/295140/1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif?Expires=1668564671&Signature=DoK0QKO9XHfLTFe7an-4lpbV0X9j9HRk0MunZJjW-b0-XFULD9LTmc2Gmx1znls9ciYbHOwxuR1jRKz-zii2gxJaMbjF2KcLDJGJIIbDzWAlWBSb9EDJQaU4OrnJ1K6-xfdhOUJvrIhOf5rvY6URCW8yWuDWM0s-jHqxR8pVOgyxTEB~izI70K5QSFmo5fxhufLTKMyQf4myGAYaoTGngwPPeBJFbWIWU0z7hakda0LmnSt8pTgj0WYW3jwkH~hqty4n4oq~fN4X6aw0hXFva-sg9VK4ESO2bE~JEehfyXWiCEe3NhtT0mf-q46cz53UQSGOPZhT2SCX~dK7WUqK5A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C321034&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=160&d=600&e=&g=525a6575683d2d993907cbe35e3ac298%2F1154652135246293862&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1668564370918&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxa413gw7nn9mxsg18qkfxcmqk3rbwyn1xfvxptc40nxmjkfqrt4hzg2k0f5ts7z174y0zk1kxge05sf932v1ft0y2nc918wgmnsda6r41xgqqyg2jxyq4xtnn2w2fx2vr5jjym99e00cb1ffwaes9jrgtpebtb0eqb2fktjepjtm8y7pe47r1c4w66v4g9kvv8rzvwkmww5s8xxe76wd5fkkqgsgd7x1ntw5krq2baa6w9xb01dt76r20k4ej1fe8ywdgbsjqg7gc5qbg0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDf1LkUV0Y7q8N9nHx_AP3ra48A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQIu3Aq-m22xPuACAKgDAaoE-QFP0Py_PAvmaYofB6Na50vBh-V9v72X-yovQffwKebviQqmr_ijBbuX8PfNDMx6vz8dotvD2tvsI6qdP-lN-XKIGdB96tYffK8IRO6qj-ToH_0YLxGRELdFIIfY5tPuRVFLXuAIiWsdJ-q3jiBOSe6yg94cZVQpx-zV1srL4MAf72xgXmUB-FjjLlvb1kI4riUxIWilZleyt49R8AFXfz4YziGj1m6aaD8ZXVGTUFUbyuD3RmeNGWZW41BN75GOGO-YN-TmugE5kV25yup_o6QRgMNIBJQtrbBseu2Rp_XmPQt1vgljVQeFgo8Euf9sKsGQZVTlO2wdLIXgBAGABta78cqS-8qV1gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MDQ3NDQxODY3Mjc1NTc5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3CkY7CjJb7TCkIklIlTs4xBdb63w%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 15 Nov 2022 02:55:59 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 11:49:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 83413
etag: "c8717f93a87217b1c114134b189e2ca0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 19052
x-amz-cf-id: -_OC3H8GcEKOjCS6QFRQymVU_FfcBbyUOUi54POfRoa8GwE-E4P6Aw==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C673 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlsk5-j7DS0zpXZUFC0H13MsmbQCjBP-e6slCP7fq3C87D_P_3CIW456eyt966-AKGPB36uBu3JX0pvhRxOA7IK07s&sig=Cg0ArKJSzL-Oqgkn1WcMEAE&cid=CAASF-Ro2OMBUQopX1aAdtJerPDccOyA4_7c&id=lidar2&mcvt=1000&p=300,1440,900,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=670937086&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668564370190&rpt=223&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F8A6 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUhxOqHKZVvBeZjboKZaSmgex0_oD-ElNuLsulN-bKHXCFHkb7pyuotlngHPEK_ULNpseZG46U4D13vmLWP_55DMqT&sig=Cg0ArKJSzA2i0cTBAE0kEAE&cid=CAASF-RofAUTk41KfJnXTugl_yieuwRXP_4s&id=lidar2&mcvt=1000&p=1111,437,1179,1165&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=1881152403&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668564370195&rpt=412&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C4B5 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPz5XCmyoy4RgBcb8F2rPY6HrEwaA0VRp1Bxp1NhI9YMrJBqwSo-mRHkvkUudYBhGUW_oDtNtZZnzoZdm4N5tJ6b3x&sig=Cg0ArKJSzJOMEUDbsvh1EAE&cid=CAASF-Ro5zLvpk53IjQV0ImVl6q53eyPMMaP&id=lidar2&mcvt=1002&p=218,316,402,1286&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=3481315008&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668564370181&rpt=418&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3CD0 16 B
232 B 126ms
125ms Fetch
application/json 3.11.155.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.155.214 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-155-214.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Nov 2022 02:06:12 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 106ms
30ms Preflight 3.11.155.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.155.214 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-155-214.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 16 Nov 2022 02:06:12 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3CD0 16 B
232 B 79ms
78ms Fetch
application/json 3.11.155.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.155.214 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-155-214.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Nov 2022 02:06:12 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 98ms
29ms Preflight 3.11.155.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.155.214 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-155-214.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 16 Nov 2022 02:06:12 GMT
server: nginx

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 116ms
115ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.3&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fcontrole.notisul.com.br%2F&t=1668564372200&cb=0.2977167664830065&aa=first

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 76acaa7e5971bb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 118ms
117ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.3&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fcontrole.notisul.com.br%2F&t=1668564372201&cb=0.9050983885582833&aa=scroll

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 76acaa7e5972bb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 360ms
360ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.3&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fcontrole.notisul.com.br%2F&t=1668564372202&cb=0.9238648745259761&aa=side

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 76acaa7e5973bb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 382ms
382ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.3&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fcontrole.notisul.com.br%2F&t=1668564372203&cb=0.8116706334973254&aa=under

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 76acaa7e5978bb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnotisul.com.br%2F&domain=controle.notisul.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=L7i-tXx3c24xMThMc1N1V3A4eHUwbGZzTHZValdDTWRJWUdMZDNCNlR4U21BSVEzYi9BcHR0UFBackI2L1kzdmVRayt1ZkYzdHRIMHZObEdkaThuUU81L0RoZERJL0R3cHE5bEJqbGRxNXUwWlZnT2JRUEdPK0lsL1pueF...

359 B
651 B

73ms
26ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=L7i-tXx3c24xMThMc1N1V3A4eHUwbGZzTHZValdDTWRJWUdMZDNCNlR4U21BSVEzYi9BcHR0UFBackI2L1kzdmVRayt1ZkYzdHRIMHZObEdkaThuUU81L0RoZERJL0R3cHE5bEJqbGRxNXUwWlZnT2JRUEdPK0lsL1pueFdXc2xWUlhpN01RUUtOR2k0SE5SL1hkLzNmczFQMWRCZDNkVy84MnRJeWpwbUpjOUR5Z3V5MmVGV0VaRUg0ckNiTmZhTjQ3ODBBeFZPTjd0dnlySWVCSHpFaVBrZW9RdnVWV0Y2L0Z1N3dhL1U5Q3hMMXJrVElKK1F5WnpqUUNPdG11MEJFMkQxfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

936a633834201941d4c5cf4a32ccd0f991e882247db927b9bd68776c21eafcf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1488718
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=L7i-tXx3c24xMThMc1N1V3A4eHUwbGZzTHZValdDTWRJWUdMZDNCNlR4U21BSVEzYi9BcHR0UFBackI2L1kzdmVRayt1ZkYzdHRIMHZObEdkaThuUU81L0RoZERJL0R3cHE5bEJqbGRxNXUwWlZnT2JRUEdPK0lsL1pueFdXc2xWUlhpN01RUUtOR2k0SE5SL1hkLzNmczFQMWRCZDNkVy84MnRJeWpwbUpjOUR5Z3V5MmVGV0VaRUg0ckNiTmZhTjQ3ODBBeFZPTjd0dnlySWVCSHpFaVBrZW9RdnVWV0Y2L0Z1N3dhL1U5Q3hMMXJrVElKK1F5WnpqUUNPdG11MEJFMkQxfA&cppv=2
access-control-allow-origin: https://controle.notisul.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 644123
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 283ms
30ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnotisul.com.br%2F&domain=controle.notisul.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://controle.notisul.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://controle.notisul.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 16 Nov 2022 02:06:12 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 512162
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C445 52 KB
17 KB 102ms
27ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 16 Nov 2022 02:06:12 GMT
ETag: "623de86a-cf34"
Expires: Thu, 17 Nov 2022 02:06:14 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 03D8 52 KB
17 KB 99ms
25ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 16 Nov 2022 02:06:12 GMT
ETag: "623de86a-cf34"
Expires: Thu, 17 Nov 2022 02:06:14 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 52BD 281 B
554 B 86ms
23ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 16 Nov 2022 02:06:12 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 32 KB
11 KB 84ms
17ms Script
application/javascript 2600:9000:2251:e600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
date: Tue, 15 Nov 2022 07:19:20 GMT
last-modified: Sun, 29 May 2022 06:35:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 67614
etag: W/"d29171b34ea93548beb17fd35f5b439b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: roLNec5SiioNU5EP7Kj_WR22WMKkqBmZP2suqMXX7K1rkXtyRx8R9g==

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 91ms
24ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 May 2022 12:22:37 GMT
server: cloudflare
age: 2523
etag: W/"6283938d-3671"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 76acaa83ce769158-FRA
expires: Wed, 16 Nov 2022 02:24:10 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 52BD 34 KB
10 KB 23ms
23ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: eb6e609ad072fb960afb0d96c7caa1eefd828b8ad01e703f88466e1374b7b698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 02:06:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Nov 2022 15:19:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47567
Connection: keep-alive
Content-Length: 10066
Expires: Wed, 16 Nov 2022 15:19:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 03D8 0
742 B 16ms
15ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:13 GMT
AN-X-Request-Uuid: af4e6ddd-fc45-40d6-8f21-fdf27909bf59
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C445 0
742 B 16ms
16ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:13 GMT
AN-X-Request-Uuid: 1fd28df0-5266-47f8-9998-8540b7053461
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 5 KB
2 KB 714ms
647ms XHR
text/plain 2600:9000:2250:2600:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2600:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1314ee41fd2fd296d57a5ebefda335313377019f4aceeacb8529d61360ee47e8

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Nov 2022 02:06:14 GMT
content-encoding: gzip
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Mon, 14 Nov 2022 08:25:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"6388994c59a850d45ecc0ba4cc02260e"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://controle.notisul.com.br
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-cf-id: SKkvD8Ts3w29q_0VYJ1SI3gpEyB4ntVjl9EYT80iEcY19plWeY7CSA==

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 582ms
185ms Ping
text/plain 35.164.155.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.155.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-155-120.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 16 Nov 2022 02:06:13 GMT

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 497 B
475 B 166ms
165ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 26 Aug 2022 15:00:58 GMT
server: cloudflare
etag: W/"6308e02a-1f1"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 76acaa840eaf9158-FRA
expires: Wed, 16 Nov 2022 03:06:13 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 94ms
24ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 16 Nov 2022 02:06:12 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 488437
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52BD
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKMDU3QzItMTYtQllKVA==

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKMDU3QzItMTYtQllKVA==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKMDU3QzItMTYtQllKVA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 52BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM6c529IrZJ-x7Y8T9fGaw4&google_cver=1

0
239 B

67ms
16ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM6c529IrZJ-x7Y8T9fGaw4&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM6c529IrZJ-x7Y8T9fGaw4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 52BD
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/eYuG3NNyVXGhx-iud1_7Xcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4556527457506293974

0
239 B

16ms
16ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4556527457506293974
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 16 Nov 2022 02:06:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4556527457506293974
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 52BD
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Hjq0uzrsReO2X1URMYWBKg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Hjq0uzrsReO2X1URMYWBKg

43 B
479 B

44ms
44ms

Image
image/gif

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Hjq0uzrsReO2X1URMYWBKg

Protocol

HTTP/1.1

Server

52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QZXBA4SD4NNV8WRZR7WF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Hjq0uzrsReO2X1URMYWBKg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52BD
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU0NDQ4OTBiMGI4NTVmMjMxZTRjZTRhNzkwNmM2ZDU1N2FjYWM0NQ

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU0NDQ4OTBiMGI4NTVmMjMxZTRjZTRhNzkwNmM2ZDU1N2FjYWM0NQ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDU0NDQ4OTBiMGI4NTVmMjMxZTRjZTRhNzkwNmM2ZDU1N2FjYWM0NQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 52BD
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJ057C2-16-BYJT

0
143 B

191ms
191ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJ057C2-16-BYJT
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:13 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8C01E00EFB0A457D97BCB3FDF8904E1A Ref B: FRAEDGE2021 Ref C: 2022-11-16T02:06:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtjOrEAQEsZYHOqduy+w==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJ057C2-16-BYJT
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 52BD 70 B
264 B 41ms
40ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 16 Nov 2022 02:06:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 52BD
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PgL5gG3xSguuA8f3cZuW5Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PgL5gG3xSguuA8f3cZuW5Q

43 B
479 B

110ms
109ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PgL5gG3xSguuA8f3cZuW5Q

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H3M286X276537TGR7TTY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PgL5gG3xSguuA8f3cZuW5Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
430 B 288ms
280ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a7bb8f018a562b2b53b1fee9d9bdc1f3b54201b3b4147ffc2b0589e91f99db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: public
date: Wed, 16 Nov 2022 02:06:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 76acaa851fa69158-FRA
expires: Wed, 16 Nov 2022 03:06:13 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 156ms
147ms Script
application/x-javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=11be8bd308c43595c937af246d10%7C0&acc=46575&tit=P%25E1gina%2520inicial%2520-%2520Notisul&url=https%253A%2F%2Fcontrole.notisul.com.br%2F&upd=1&new=1&h1=
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76acaa86fa079158-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=76211278600
https://sync2.navdmp.com/sync?prtid=2&id=76211278600&google_gid=CAESEJtbyA211hpE-nu-z76HS28&google_cver=1

6 B
57 B

216ms
207ms

Script
application/javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=76211278600&google_gid=CAESEJtbyA211hpE-nu-z76HS28&google_cver=1
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76acaa87bace9158-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Wed, 16 Nov 2022 02:06:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=76211278600&google_gid=CAESEJtbyA211hpE-nu-z76HS28&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=1a0d6374-4595-4c00-b825-52266f04a9c9

43 B
152 B

162ms
153ms

Image
image/gif

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=1a0d6374-4595-4c00-b825-52266f04a9c9
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:14 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 76acaa890c5a9158-FRA
content-length: 43
content-type: image/gif

Redirect headers

Date: Wed, 16 Nov 2022 02:06:13 GMT
Server: MT3 4629 97bee97 master hkg-pixel-x21 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://sync.navdmp.com/sync?img=1&mdia=1a0d6374-4595-4c00-b825-52266f04a9c9
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 16 Nov 2022 02:06:12 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
123 B 171ms
42ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:13 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 3F89 46 KB
17 KB 46ms
20ms Document
text/html 2600:9000:2251:e600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84449
content-encoding: gzip
content-type: text/html
date: Tue, 15 Nov 2022 02:38:44 GMT
etag: W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified: Wed, 06 Apr 2022 12:25:53 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-id: mxy9w72a10lJ-GL14625VAnowWa5atIyirvSOsHOYd0sKzjqww6H8Q==
x-amz-cf-pop: FRA60-P3
x-amz-version-id: dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache: Hit from cloudfront

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 3F89 224 B
978 B 166ms
166ms XHR
application/json 2600:9000:223e:1200:3:748e:7940:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:1200:3:748e:7940:93a1 -, , ASN (),

Reverse DNS

Software

Resource Hash

a28262a319628033bd722825f0ad04c07a80fe0ef587931f56ccfe05f9a3a5d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Nov 2022 02:06:14 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P4
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 224
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
x-download-options: noopen
access-control-allow-credentials: true
x-amz-cf-id: Qgx1XCnxuYVPSSAoDseF87LZZ0B096BJBMtfx8tkZ22uPEBjk5tglw==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 231ms
165ms Preflight 2600:9000:223e:1200:3:748e:7940:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:1200:3:748e:7940:93a1 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cdn1.avantisvideo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://cdn1.avantisvideo.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Wed, 16 Nov 2022 02:06:14 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
x-amz-cf-id: MCrki_ff6OQVhpT3cRno4RRk6p_Wftfr1yX7h48q8Y0nR5b5vCXXOQ==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 03D8 0
742 B 16ms
16ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:14 GMT
AN-X-Request-Uuid: 7494cce1-137a-4fc3-91d5-bd57c7fe4c29
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C445 0
742 B 16ms
15ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:14 GMT
AN-X-Request-Uuid: 4d8f74d7-61d2-4527-b77f-8d1c35daba78
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 av-aniview-cr.js Show response
cdn.avantisvideo.com/js/ 295 B
687 B 16ms
16ms Script
application/javascript 2600:9000:2251:e600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/av-aniview-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 443989495232e4f37b7b5c4f4f2e22549bd5dc7574090de86c8c665a6ad4f47c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 0vYm7AEt5IWckwrswM_pTDEhGTBlfc3d
date: Wed, 16 Nov 2022 00:27:39 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jun 2022 15:39:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 25949
etag: "ad22fdd5955801eeadd61ccf125e1307"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 295
x-amz-cf-id: c84pIROpBKoncxnZekLu-kyJ0otzPm0kOU16-5SfRifYMP9Z6Eti3w==

GET
H/1.1 200
OK spt Show response
tg1.aniview.com/api/adserver/ 19 KB
6 KB 185ms
117ms Script
text/javascript 2a02:26f0:3500:595::2c79

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62a857f75859da7261378916&AV_PUBLISHERID=5e6a51c868076262c752a076
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/av-aniview-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf89538cf9bade56fd7e7f5985f53ec530e93237348c07e633038eb141085fec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 02:06:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 5628
Expires: Wed, 16 Nov 2022 02:11:14 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 185ms
185ms Ping
text/plain 35.164.155.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.155.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-155-120.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 16 Nov 2022 02:06:14 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 28 KB
10 KB 142ms
23ms Script
application/javascript 2a02:26f0:3500:58c::2c79

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js
Requested by: Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62a857f75859da7261378916&AV_PUBLISHERID=5e6a51c868076262c752a076
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 9773cc0ff4f8a98729d9a2292b70da60cf02ba794b2f11e347a11e3ea5ebf113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:14 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvOTUBf1qEiS-neeh3Br-IjH3VB3ECKBKJNm9ikhWT-X5c0Phtve_xARlWkN1zs6BkQ5bDi31fnDODWLZYaXf-xcw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9914
last-modified: Sun, 13 Nov 2022 08:40:26 GMT
server: UploadServer
etag: "a106fe1c9bc4bb6e8d544cd0347cea3e"
vary: Accept-Encoding
x-goog-generation: 1668328825884380
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=rD04bQ==, md5=oQb+HJvEu26NVEzQNHzqPg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 9914
accept-ranges: bytes
expires: Wed, 16 Nov 2022 02:16:14 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 334ms
104ms Image
text/plain 44.207.237.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5e6a51c868076262c752a076&cid=62b1a9bcbda48d53592ba06c&cb=1668564374502&r=controle.notisul.com.br&stagid=62a857f75859da7261378916&stplid=62a84470408dc21ef17867f6&d35=&d65=&e=playerLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.237.92 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame B94F 396 KB
113 KB 23ms
23ms Script
application/javascript 2a02:26f0:3500:58c::2c79

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: b5df54a65fdfe8ff900463bbf8891ab0cfe34e42cf17e5861c880862fe3e7554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:14 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtiUGxRqfbvzkwEeKecxwLChvKCC89aal0erOPg7_kzPkp8jloOCYxBaCm55ZftA0MuIZgRFIr8GLqyIXCyOMOpZw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 114664
last-modified: Sun, 13 Nov 2022 08:40:25 GMT
server: UploadServer
etag: "32434793d6da84e4666c6230c82b97a7"
vary: Accept-Encoding
x-goog-generation: 1668328825650866
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Ru+38Q==, md5=MkNHk9bahORmbGIwyCuXpw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 114664
accept-ranges: bytes
expires: Wed, 16 Nov 2022 02:16:14 GMT

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 18 KB
4 KB 378ms
148ms XHR
application/json 50.17.121.98

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=62a857f75859da7261378916&AV_PUBLISHERID=5e6a51c868076262c752a076&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fcontrole.notisul.com.br%2F&AV_CHANNELID=62b1a9bcbda48d53592ba06c&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=controle.notisul.com.br&AV_DADPOS=1&AV_PLACEMENT=5&AV_TAG=62a857f75859da7261378916&AV_TEMPLATE=62a84470408dc21ef17867f6&d36=6.2.62&responsive=1&sver=3&avtoken=374806&omv=1.0.1&clsid=ba3551f3-c62d-4492-809c-0db4dbfb4298&rando=20&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1668564374809&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.121.98 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1ca167259710ba571862793c6536c2e4f4b9ebdc95fbded4b483143ee2a5fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://controle.notisul.com.br
cache-control: no-cache
access-control-allow-credentials: true
expires: Fri, 04 Nov 2022 12:19:35 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 105ms
104ms Image
text/plain 44.207.237.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=controle.notisul.com.br&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.62&apppkg=&fv=1&proto=https&clsid=ba3551f3-c62d-4492-809c-0db4dbfb4298&rando=20&pid=5e6a51c868076262c752a076&cid=62b1a9bcbda48d53592ba06c&stagid=62a857f75859da7261378916&stplid=62a84470408dc21ef17867f6&e=inventory&vi=100&cb=1668564374808
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.237.92 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 00C3 0
0 106ms
26ms Document
text/plain 3.126.56.137

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Wed, 16 Nov 2022 02:06:15 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET services
sync.technoratimedia.com/ Frame 4E8E 0
0

GET

cookiesyncendpoint
sync.aniview.com/ Frame 3DE6
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26bid...
https://sync.aniview.com/cookiesyncendpoint?auid=1668564375096-959030016586-006362-011-005385&biddername=200&key=OPTOUT

0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5B28 15 KB
6 KB 105ms
23ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=17575
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 16 Nov 2022 02:06:15 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 16 Nov 2022 06:59:10 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H2 204 /
csync.loopme.me/ Frame 6122 0
0 149ms
25ms Document
text/plain 35.214.223.115

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?pubid=&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.223.115 -, , ASN (),
Reverse DNS
Software: _ /
Resource Hash

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Wed, 16 Nov 2022 02:06:15 GMT
server: _

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 88B5 0
0 144ms
24ms Document
text/plain 216.52.2.30

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D18%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
date: Wed, 16 Nov 2022 02:06:15 GMT
pod: X-Sovrn-Pod: ad_ap6ams1

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 8451 43 B
304 B 93ms
27ms Document
text/html 34.98.64.218

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D23%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 56
content-type: text/html
date: Wed, 16 Nov 2022 02:06:15 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET rtset
bh.contextweb.com/bh/ Frame 01AF 0
0

GET
H2 204 /
onetag-sys.com/usync/ Frame EFDF 0
0 19ms
17ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET sync
vid.vidoomy.com/ Frame 2E08 0
0

GET
H2 400 sync
t.adx.opera.com/pub/ Frame 12BC 0
414 B 132ms
22ms Document
text/plain 82.145.213.8

General

Check archive.org

Show headers Download Go to

Full URL: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Referer: https://controle.notisul.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 16 Nov 2022 02:06:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Tengine

GET

cookiesyncendpoint
sync.aniview.com/ Frame 17D7
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D105%26pid%3D59c9148...
https://sync.aniview.com/cookiesyncendpoint?auid=1668564375096-959030016586-006362-011-005385&biddername=105&pid=59c9148628a0612da3689288&key=48acbb0d-f4c0-45e6-a153-0f9d3f7b9aca&gdpr=1&gdpr_consen...

0
0

GET /
ssc-cms.33across.com/ps/ Frame C866 0
0

GET
H2 200 avpb7.12.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame B94F 174 KB
55 KB 42ms
22ms Script
application/javascript 2a02:26f0:3500:58c::2c79

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:15 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvQAdwF8xUR_SFHX-dkFTe77jbsjt3JqC6bftUYZWSr9q5IqCNDFkXZeSmoa6lbQnEHeaznZI89Q5FO-eHl0RDMTA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 55951
last-modified: Sun, 13 Nov 2022 08:40:26 GMT
server: UploadServer
etag: "64277adaaa95e34991ac3740d0723028"
vary: Accept-Encoding
x-goog-generation: 1668328826168967
x-goog-hash: crc32c=EtQQqg==, md5=ZCd62qqV40mRrDdA0HIwKA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 55951
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 16 Nov 2022 02:16:15 GMT

GET
H2 200 avpb7.12.0a0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame B94F 70 KB
24 KB 43ms
23ms Script
application/javascript 2a02:26f0:3500:58c::2c79

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:15 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds547VwyvaFL2nRoWRAQA3NJsr70vDHCXIrXigkUZBfX_Et9TaeolZzVQkekZrOJibhrqnI-t2w9aaA8OQ75q5ZleUoFfld
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 23786
last-modified: Sun, 13 Nov 2022 08:40:26 GMT
server: UploadServer
etag: "404152e7dd0b65048cd0f942cebce292"
vary: Accept-Encoding
x-goog-generation: 1668328826348347
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=QrcLJw==, md5=QEFS590LZQSM0PlCzrzikg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 23786
accept-ranges: bytes
expires: Wed, 16 Nov 2022 02:16:15 GMT

GET
H2 200 avpb7.12.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame B94F 62 KB
21 KB 42ms
22ms Script
application/javascript 2a02:26f0:3500:58c::2c79

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:15 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu8nX4h2GskdOA8RO9C1bzajbVKNifYxkaVmSl_wVv1dVjvvd_UC6JG6XX9Qn2e4v8by0e0z1AJjG3ojesd6AY2fQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20450
last-modified: Sun, 13 Nov 2022 08:40:26 GMT
server: UploadServer
etag: "956e4ddf1c4b98a968dc39bf4c315de9"
vary: Accept-Encoding
x-goog-generation: 1668328826336213
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=TysHuA==, md5=lW5N3xxLmKlo3Dm/TDFd6Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 20450
accept-ranges: bytes
expires: Wed, 16 Nov 2022 02:16:15 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
936 B 31ms
17ms Fetch
application/xml 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=24657313&referrer=https%3A%2F%2Fcontrole.notisul.com.br%2F&us_privacy=1---&cbb=8564375231

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:15 GMT
AN-X-Request-Uuid: 0cca5d6e-14e0-40f9-8d4c-105910caa916
Server: nginx/1.21.3
Content-Type: application/xml; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controle.notisul.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
936 B 35ms
22ms Fetch
application/xml 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20946842&referrer=https%3A%2F%2Fcontrole.notisul.com.br%2F&us_privacy=1---&cbb=8564375232

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:15 GMT
AN-X-Request-Uuid: a616a2bc-345a-4eef-88d6-d45a6c8a2f35
Server: nginx/1.21.3
Content-Type: application/xml; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controle.notisul.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ 43 B
145 B 34ms
19ms Image
image/gif 3.75.15.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1668564375096-959030016586-006362-011-005385&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.15.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-15-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
145 B 24ms
17ms Image
image/gif 3.75.15.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.15.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-15-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.notisul.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 02:06:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET PugMaster
image6.pubmatic.com/AdServer/ Frame 5B28 0
0

POST mvo
tag.1rx.io/rmp/227038/0/ 0
0

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 19 B
871 B 22ms
20ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:15 GMT
AN-X-Request-Uuid: 9cf18851-b34c-4b94-b545-842de36f6f54
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controle.notisul.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 19 B
871 B 20ms
19ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.notisul.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 02:06:15 GMT
AN-X-Request-Uuid: 95da0b01-4a8f-4be5-a7be-5ac1243f1880
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controle.notisul.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST auction
prebid-server.rubiconproject.com/openrtb2/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1668564375096-959030016586-006362-011-005385&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D3%26key%3D%5BUSER_ID%5D

Domain: sync.aniview.com
URL: https://sync.aniview.com/cookiesyncendpoint?auid=1668564375096-959030016586-006362-011-005385&biddername=200&key=OPTOUT

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25

Domain: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D

Domain: sync.aniview.com
URL: https://sync.aniview.com/cookiesyncendpoint?auid=1668564375096-959030016586-006362-011-005385&biddername=105&pid=59c9148628a0612da3689288&key=48acbb0d-f4c0-45e6-a153-0f9d3f7b9aca&gdpr=1&gdpr_consent=&us_privacy=

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002egIVcAAM&us_privacy=1---&ru=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D104%26pid%3D59c9148628a0612da3689288%26key%3D33XUSERID33X

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34642224&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=

Domain: tag.1rx.io
URL: https://tag.1rx.io/rmp/227038/0/mvo?z=1r&hbv=7.12,2.1

Domain: prebid-server.rubiconproject.com
URL: https://prebid-server.rubiconproject.com/openrtb2/auction

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.controle.notisul.com.br/	1969-12-31 23:59:59	Name: serverdoID Value: cu1qnjb3u5vov6hhlm568s5u52
controle.notisul.com.br/	1970-01-20 08:12:36	Name: _pbjs_userid_consent_data Value: 3524755945110770
.notisul.com.br/	1970-01-20 17:05:24	Name: _ga Value: GA1.3.1174004212.1668564368
.notisul.com.br/	1970-01-20 07:30:50	Name: _gid Value: GA1.3.1303998916.1668564368
.notisul.com.br/	1970-01-20 07:29:24	Name: _gat_gtag_UA_90417898_1 Value: 1
.notisul.com.br/	1970-01-20 16:51:00	Name: __gpi Value: UID=00000b81c3df82f6:T=1668564368:RT=1668564368:S=ALNI_MZlEk_hGQrNGimHsdTYP0vR8ma1Kg
controle.notisul.com.br/	1970-01-20 07:39:29	Name: denakop_freq Value: {}
.denakop.com/	1970-01-20 17:05:24	Name: uxid Value: pzUL3lO%2BSfKgY3PhewBDKQ%2F0
.rubiconproject.com/	1970-01-20 16:15:00	Name: khaos Value: LAJ057C2-16-BYJT
.rubiconproject.com/	1970-01-20 16:15:00	Name: audit Value: 1\|naVuGyos1qrnqUCABv+HjP+oE/PhLWQEKtLvkckcz9u4dorU8DsKfbhixbEPmw1pNHy4+8wXChxC4j1FWO90+e2C6yAnh5iMabSclL0N2+o=
.doubleclick.net/	1970-01-20 16:51:00	Name: IDE Value: AHWqTUkvWiMMpqIoJnTiFaXJXimHc-tKeKobRMbTsLr29H9ETg2AYV8qPNAKW9bD54Y
.notisul.com.br/	1970-01-20 16:51:00	Name: __gads Value: ID=91ac088660c43abf:T=1668564368:S=ALNI_Ma-doAxPyOPHgJYOHkDUpUuWBcEeQ
.bidswitch.net/	1970-01-20 16:15:00	Name: tuuid Value: b8e71006-ff6c-4fb1-bb4a-981c72be3d29
.bidswitch.net/	1970-01-20 16:15:00	Name: c Value: 1668564370
.bidswitch.net/	1970-01-20 16:15:00	Name: tuuid_lu Value: 1668564370
.3lift.com/	1970-01-20 09:39:00	Name: tluid Value: 748749618644663641367
.quantserve.com/	1970-01-20 09:39:00	Name: d Value: EHQBCQHLJ4EA
.quantserve.com/	1970-01-20 16:59:38	Name: mc Value: 63744592-69890-59523-3a9f6
.360yield.com/	1970-01-20 09:39:00	Name: tuuid Value: 60cdbe02-6ed5-4b87-963c-06f1ea0a7bf4
.360yield.com/	1970-01-20 09:39:00	Name: tuuid_lu Value: 1668564370
.bidswitch.net/	1970-01-20 07:29:24	Name: google_push Value: ASkJ3FYgVNbQwd9nwfyxrnVDo5u6BoxQz_Jd4MizB4lMbjplUY8xHT8lA1IY7tTq7w9IZhRulUkclxXKski6PGRRN4SRwKzjBhQT
sync.srv.stackadapt.com/	1970-01-20 16:15:00	Name: sa-user-id Value: s%3A0-21ae3836-7d5f-4d26-6eb8-1815f9c5656d.toSLK7WSFGJ0uZbpotTmGDFnY4jGGv4LCjtflbCPltY
.srv.stackadapt.com/	1970-01-20 16:15:00	Name: sa-user-id-v2 Value: s%3AIa44Nn1fTSZuuBgV-cVlbcEbDiQ.uhjSGGpTz3GmLLXrqjBM%2Byw%2Fs2Iwgy5%2F4OkKRhdoxA0
.adnxs.com/	1970-01-20 09:39:00	Name: uuid2 Value: 5696324545669809430
.uuidksinc.net/	1970-01-20 16:15:00	Name: jcsuuid Value: lfsbc1mMoM8zJvX7e81U
.w55c.net/	1970-01-20 16:58:12	Name: wfivefivec Value: dJsZZgmN1OV7Oy5
.adform.net/	1970-01-20 08:12:36	Name: C Value: 1
.yieldmo.com/	1970-01-20 16:15:00	Name: yieldmo_id Value: g49a0d80a70a9d609c6d%7C1668564370829%7C0%7C
.de17a.com/	1970-01-20 16:07:48	Name: guid Value: 1.3647884434631201440
.doubleclick.net/	1970-01-20 07:29:27	Name: DSID Value: NO_DATA
.w55c.net/	1970-01-20 08:12:36	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 08:55:48	Name: uid Value: 288416384800543230
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129fZPKzAJc6s0NAtzivCL0g1MLk80SQYAs_roMR4AAAA
.rfihub.com/	1970-01-20 16:51:00	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129fZPKzAJc6s0NAtzivCL0g1MLk80SQ7iNTQzszA1MzE2N7Awt3jFiMK3BAApMc7ePQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjeyMDQ2tzAyMDIxsTA3MzQ2NBPiM9TNzLI0rXKqjE9xtQwBAIa8inglAAAA
.rfihub.com/	1970-01-20 16:51:00	Name: rud Value: H4sIAAAAAAAA_-MSNjeyMDQ2tzAyMDIxsTA3MzQ2NBPiM9TNzLI0rXKqjE9xtQwBAIa8inglAAAA
.yandex.ru/	1970-01-20 17:05:24	Name: yuidss Value: 2804685831668564370
.yandex.ru/	1970-01-20 17:05:24	Name: yandexuid Value: 2804685831668564370
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:15:00	Name: bcookie Value: "v=2&ceae3a87-1f22-4d1d-88dd-e6d403bd4805"
.linkedin.com/	1970-01-20 11:48:36	Name: li_gc Value: MTswOzE2Njg1NjQzNzA7MjswMjF8wuGkLnwCg9YfRKfAVPoetNAJl1oVWamapvYrfoiNfA==
.linkedin.com/	1970-01-20 07:30:50	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2517:u=1:x=1:i=1668564370:t=1668650770:v=2:sig=AQEWW1Jof5YIk04RlGcR9DeDhg5tj_qk"
.zemanta.com/	1970-01-20 16:15:00	Name: zuid Value: 4GPsDGvuvo7h0l0G9jLw
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8534\|Y3RFl
.awin1.com/	1970-01-20 07:39:29	Name: awpv11938 Value: 412871\|1668564371\|3dd6ed60-6553-11ed-89a3-223851067267
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 07:39:32	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1668564371_3dd6ed60-6553-11ed-89a3-223851067267%22%2C%22sp%22%3A%22awin%22%7D
.navdmp.com/	1970-01-20 16:15:21	Name: ac3 Value: 1
.notisul.com.br/	1970-01-20 16:51:00	Name: cto_bundle Value: l78tyF9YZXJ3ZWplbmhSd0JyemN3bmFEaW5maGh3aHY4TEg5aldmSXY3RkhxT2FwQWhjV05lbFRIeUl5UzV1VEQ5SEtqZEl2R1lIc0pIbDUlMkZ2eDhtSHVITUZ2ZnAlMkJDY09pZGE4eDdEMDBQbElYemZZYTZVM0YyOURCR1klMkJQaDlSbyUyRkdD
.notisul.com.br/	1970-01-20 16:51:00	Name: cto_bidid Value: fgXA_l9wZkswUEhldEZ3U0RvcHNWSUMlMkJVb01sWThDM3AzMzNHbktLY3NsSDZPVGloU2ElMkJVcmpCSklpbEp4Mk1KNjlNdUFrbUsxaW9zSXVNcjExM3NnRzlWZGclM0QlM0Q
.yahoo.com/	1970-01-20 16:15:21	Name: A3 Value: d=AQABBJVFdGMCEPpiibqjWLy_gAczMUpipl0FEgEBAQGXdWN-YwAAAAAA_eMAAA&S=AQAAAl_4522Ny6t5DtmPhtS-gws
.navdmp.com/	1970-01-20 17:05:24	Name: nid Value: 11be8bd30820b50532c6a8406b10\|1\|345
.amazon-adsystem.com/	1970-01-20 17:05:24	Name: ad-privacy Value: 0
.notisul.com.br/	1970-01-20 16:15:00	Name: nvg46575 Value: 11be8bd308c43595c937af246d10\|0_321
.amazon-adsystem.com/	1970-01-20 12:56:17	Name: ad-id Value: A9FTxcwJ7koypFo5mFpTTHc
.mathtag.com/	1970-01-20 16:55:19	Name: uuid Value: 1a0d6374-4595-4c00-b825-52266f04a9c9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1668564375096-959030016586-006362-011-005385%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5923f05231f5751b113725d83fb76ee9.safeframe.googlesyndication.com
a.rfihub.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad4m.at
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
an.yandex.ru
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
avm.avantisvideo.com
b1sync.zemanta.com
banner.congstar.de
bh.contextweb.com
c1.adform.net
c2shb.pubgw.yahoo.com
call.cleverwebserver.com
cdn.avantisvideo.com
cdn.navdmp.com
cdn.onesignal.com
cdn.track.production.webgains.team
cdn1.avantisvideo.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
controle.notisul.com.br
cpm.denakop.com
csync.loopme.me
d5p.de17a.com
dsp.adkernel.com
eb2.3lift.com
eus.rubiconproject.com
events1.avantisvideo.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image6.pubmatic.com
match.360yield.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
notisul.com.br
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.rubiconproject.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid-us.creativecdn.com
prg.smartadserver.com
prod-rtb.ad4mat.net
px.ads.linkedin.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
s.uuidksinc.net
scripts.cleverwebserver.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
static-de.ad4mat.net
static.avantisvideo.com
stats.g.doubleclick.net
sync.aniview.com
sync.go.sonobi.com
sync.navdmp.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync2.navdmp.com
t.adx.opera.com
tag.1rx.io
tag.navdmp.com
tags.denakop.com
tags.premiumads.com.br
tg.socdm.com
tg1.aniview.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
track1.aniview.com
u.openx.net
ui.cleverwebserver.com
ups.analytics.yahoo.com
usr.navdmp.com
vid.vidoomy.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.tempo.com
x.bidswitch.net
bh.contextweb.com
image6.pubmatic.com
prebid-server.rubiconproject.com
ssc-cms.33across.com
sync.aniview.com
sync.technoratimedia.com
tag.1rx.io
vid.vidoomy.com
124.146.215.44
13.41.138.109
142.250.184.226
142.250.186.134
148.251.139.77
174.137.133.49
176.34.148.95
178.250.0.157
18.159.205.223
18.66.147.44
18.66.147.98
185.184.10.30
185.86.139.59
190.89.239.168
190.89.239.42
193.0.160.129
2.18.233.201
212.82.100.182
213.155.156.184
216.52.2.30
23.205.235.133
23.205.253.64
23.35.236.188
23.35.236.201
2600:1901:0:76b9::
2600:9000:223e:1200:3:748e:7940:93a1
2600:9000:2250:2600:8:9ed9:9c40:93a1
2600:9000:2251:e600:1c:38a0:8a40:93a1
2602:803:c003:200::41
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:e79
2606:4700::6810:bf3
2606:4700::6811:130e
2606:4700::6812:160e
2606:4700::6812:19f6
2606:4700::6812:e134
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9c
2a02:2638::1c
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:595::2c79
2a02:6b8::90
2a05:d018:d29:3605:8dd0:5d99:1539:a931
3.11.155.214
3.120.90.28
3.126.56.137
3.75.15.124
31.220.27.134
34.253.154.173
34.98.64.218
35.157.246.167
35.164.155.120
35.186.253.211
35.214.223.115
35.71.131.137
37.157.3.30
37.252.171.52
37.252.172.123
44.195.94.142
44.207.237.92
50.17.121.98
51.89.9.253
52.46.151.131
52.94.223.167
64.202.112.31
66.155.71.25
69.166.1.10
69.173.144.138
76.223.111.18
77.245.57.72
78.46.85.162
82.145.213.8
84.200.5.215
00206ea8d7a64b2e4a82cb324ddd7f187ac56c7176f025c42dfb2f3a6de54b34
0132c445af5b52b87b33cb784134f9cdf719da769a94aa8271cfa781b1fb60c5
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
05690f7b69a04a8171cf39119c7bbdc5dbd4530be85cdff4b56f5df1d3db5d2f
0572d3b87cb4f708f93efc2385baf6cacf1e930a1e2141a447932df1dee8ab3b
0693d7fc7aad9bd58ce2ffe91a554690f7f96d4879e44d33be5cdc1adc7810b4
071c23e9405617ff3e019bd638baa0b24e78d7280b7be778a9cb5db4892882c9
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09d1b448f2761aaf81fddcb9b7c084781936e67541485439ab4434593fa30f9d
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0a26ecf0bfc409eb128f277652edbfe7bcf26df39685d08c13aa06752f5d8729
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bed32805b51f622cfceea9fccef37690edfe32a1e964e5b04fc62ac99e33fb7
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01
0f74eda5ca917f0146ec28a71e0602f7a3b9dae063acfeecfe6549bdb165d47a
1078de14de13c6056ea86f4bffb141bced7db929e8d3a6d646d1310ef2d9f584
11d37d3b34be24fa29bd7c060b053845d0ec8a2b093252b243a6974b14ad1731
1314ee41fd2fd296d57a5ebefda335313377019f4aceeacb8529d61360ee47e8
1350d8093d507d77d3da4454ca00d2d0bf279f313c497714124ea0747c021158
13bc95bee4e1c7e98adba1f117c6e6d8275906b36fbe660d950dcc04e0e5f313
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2980625ad01cf166c6f33b6b3a19bb3b1eb97f92f0417faa6265893ade0557d1
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32f6cc25116802b52fe895d99da8882aad27ee2993ce7603ae6bf3c20c5e7293
368349d380933af2788944678efbddab8fbb1704c65a860e5813907f67381bf3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
425479c18872881809013182c01afa71f16bf180b0e99bb10cc880614ba88779
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37
443989495232e4f37b7b5c4f4f2e22549bd5dc7574090de86c8c665a6ad4f47c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47a7bb8f018a562b2b53b1fee9d9bdc1f3b54201b3b4147ffc2b0589e91f99db
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8a9f91efa071fef1ae36b2178873b6c92e16a7d4a1087468e85609c2e68d85
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
50520b4f1d8da3541facee894169d279721caefb9e340c3ee103196de04e5dfb
53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59671205ce4d2ec4a037ba18847d2e02fddcce3eaed20a6a731161305b24aada
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
5cad8188d0867e66d1d34b614d80b1d63a19e02fdd2bdada57ed5333230117bd
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dbd69865463b5447c0eb1cab89cf4960d607c0a9fc4a1617b66c6d4ffecd4dd
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bce6fcb6948fbf6fc7a31f9b087cc4c216dd486454deb32b786903b29a9aec9
6e8f163427787ebe81baef46ffb9bcfd8ed5779b49a92bcb8bd544b846a60b1e
729351c1cf9749f0cdc4a7f5167c4e0593a87bcc2f6e95e431b28a8702d70203
72b52854476d616830936b7a8ba4c0bdd2b81da722378f25ad5f4cd23a91ea61
73c5ba44aecd2536f60c1b51cffa23e1a986c9117db0ad04540673b1857b0f79
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
76141ad9154b037fa4d1cd707e805f19eb92a511bcdef1e88c73344dd54b8228
77ea6cd9543ee9fb5f047bda390018d0e7899038ad75daff6009e1418dba77bf
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
84068dc240bc5f59e2550d881316e25d7954d5e2a3747fb91a3ca30a044cc74c
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
84440ae9f8a49cd8e9d5bd08e72f42df812ce95ddde49d5b358070e462da7860
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8669bac76dfad0b29b184e01483f0b03636ae088152e2705e2739c9c5fc47d23
86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8833f7d490882a64e4f53ef446e81ddbf4962073052d526b00a35a92193061b7
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52
890c14f532cceef687542b680e98c3e1c86d50ed78aa11bee6f38874fa13c023
8c21cdf7be2219908a953d92fba153dcc7175f7ee238856bd9954da18b0e05dd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
936a633834201941d4c5cf4a32ccd0f991e882247db927b9bd68776c21eafcf8
94c859d3a92074c4618e4392687b10fd93855d76641ceefb16fc4cc5243fc0dc
9625f2b4bfca25b70aaa98a9048a16e6fc6049fc19e7583fa7db3df65e80c170
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97413a5a8027ce9bbe4e83a4db458516ff78d43be872c71873142c06498df6eb
9773cc0ff4f8a98729d9a2292b70da60cf02ba794b2f11e347a11e3ea5ebf113
99c1c39cf9067e986a9ae0011ae27b8e9d0c3ee2bb49f1fa0a6f01cc44403c0e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cbb670cf417ab9d4a22b9da28548d6ff456c3f2f5187338968edfd0a7ec445a
9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6
9d4e337f874813797b8895464a033859ecab2a195ce3d6768550de8035125a06
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9de2c14cc45cba95e1a4e182eee6f307b6ff7bfd6f854af5200188f695d12904
9e5e010c6d9a1e946993001e7503bbe1cb6fd54b133b4dc8e4c108952fa2ba7c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a28262a319628033bd722825f0ad04c07a80fe0ef587931f56ccfe05f9a3a5d5
a28c38eef6b3c31259aceb6d6bc6c4a72c850052a808fd51a0aa540a48710771
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8bf514d00100097f14d06b124c4107d3825bd0c9467d907ec0630bc96a0cc8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b23e0124a72edccea04fa3cad04a8b98c1d56b85070f4b6aa556557b6f25a93a
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5df54a65fdfe8ff900463bbf8891ab0cfe34e42cf17e5861c880862fe3e7554
b66bd81ddd68c8a8d92e75565702cd63ca7d6af7a26fa44d6707859e64c7d8bf
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b84a9f92c3dc5f6bea4945485ec899a5b5d6fa01967b390c0b60dbfb549c7639
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
ba33741f1b945cfb71d6fe3fb60628af0cb4cce7f464f84c43f5d6457b284272
beb5a92286b9f62be3f83cddca9762104e7e5b548395fc42e97e7af408556e0e
bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c8da46706141cf58ec3ec42d737a821a9b6092dcdb911f43fcf86c43b0fdbafc
c95103116d2c97168d5f48ed5621a4a35902a78403963d1c791b5470b80b61be
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf89538cf9bade56fd7e7f5985f53ec530e93237348c07e633038eb141085fec
cfe6b6cf418ee93bdc17598567bdb9ae4377a336e500c20a30aed558fe4d8178
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
d2b354c037b51c9300d20201cdbcfc135a296ae1832b559b387480dbc75668bb
d881f91d620786db06755849ea5cc0a06163e406c1a98c80fd926d892ea27fa2
d8fb0a8634238e7cbda4f0cd610086e27763e803af2039250d64482647a5f010
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0252f49bcf52a3b3509c218f2c0880eaceb1873efe1a5bc7b9a911ffc994082
e20ddcf85ef93d6ce4baec96216bc53a866c79b7920215578b373699834d0302
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e9e4e9c7f0efd249bcc0dd92e8dcea29c12fbcb3c1c400932bde9dbb506054
e54d4ad9e08ac47dccd401ce0ee85aa33b9dfe29a4179a5124bf34a0181a9732
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e8f4ae76e184e925f42d30ce7d3324ee8497ecc00013d2d7455791ed3d5ccd52
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e96d5a53bb7460500de8aa87f8a6af8bb211672506ba8d89bdc92b037bd78fb9
e983c556436a2f029f6e18bc5d281e8b453f0755d8054e409b5bcab0fb41e47e
ea0c62829fc6364d58c03041830660c3f48e1749aefbf912feafe5be2baaa92b
eb6e609ad072fb960afb0d96c7caa1eefd828b8ad01e703f88466e1374b7b698
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f0ece693fae75aee1acb9bb8b41a9205ab304494a793aaa30b20436b2ec33f84
f1ca167259710ba571862793c6536c2e4f4b9ebdc95fbded4b483143ee2a5fbe
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

controle.notisul.com.br Open in urlscan Pro 190.89.239.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

310 Requests

87 %HTTPS

39 %IPv6

69 Domains

110 Subdomains

72 IPs

13 Countries

3620 kBTransfer

8903 kBSize

56 Cookies

79 Outgoing links

Redirected requests

310 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

controle.notisul.com.br Open in urlscan Pro
190.89.239.42 Public Scan

Screenshot
Live screenshot

Full Image

310
Requests

87 %
HTTPS

39 %
IPv6

69
Domains

110
Subdomains

72
IPs

13
Countries

3620 kB
Transfer

8903 kB
Size

56
Cookies

310 HTTP transactions
17 data transactions