urlscan.io logo urlscan.io
SecurityTrails logo

www.catolicoorante.com.br Open in urlscan Pro
160.153.94.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.catolicoorante.com.br/
Effective URL: https://www.catolicoorante.com.br/
Submission: On December 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 11 countries across 63 domains to perform 389 HTTP transactions. The main IP is 160.153.94.137, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.catolicoorante.com.br.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 6th 2023. Valid for: a year.
This is the only time www.catolicoorante.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 160.153.94.137 398101 (GO-DADDY-...)
7 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
24 141.94.202.176 16276 (OVH)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
2 18.245.143.58 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 8 2a02:2638:3::c 44788 (ASN-CRITE...)
3 108.138.1.25 16509 (AMAZON-02)
3 162.19.138.83 16276 (OVH)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 54.194.196.88 16509 (AMAZON-02)
1 162.19.138.116 16276 (OVH)
1 3.75.62.37 16509 (AMAZON-02)
2 172.67.68.162 13335 (CLOUDFLAR...)
2 5 172.64.151.101 13335 (CLOUDFLAR...)
1 147.75.84.158 54825 (PACKET)
2 7 37.252.173.215 29990 (ASN-APPNEX)
2 37.157.2.229 198622 (ADFORM)
1 54.93.152.216 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2607:4f00:932::2 55081 (24SHELLS)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
2 216.52.2.91 32475 (SINGLEHOP...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
9 34.98.64.218 396982 (GOOGLE-CL...)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 3.160.196.77 16509 (AMAZON-02)
1 65.9.93.173 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
4 23.57.19.78 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
45 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 157.90.0.13 24940 (HETZNER-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
3 12 216.58.206.38 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 12 142.250.184.226 15169 (GOOGLE)
2 104.18.36.155 13335 (CLOUDFLAR...)
6 2.19.217.101 16625 (AKAMAI-AS)
4 159.89.25.223 14061 (DIGITALOC...)
12 78.46.23.46 24940 (HETZNER-AS)
1 4 138.201.63.150 24940 (HETZNER-AS)
1 5 138.201.84.245 24940 (HETZNER-AS)
3 138.201.63.145 24940 (HETZNER-AS)
9 91.121.248.44 16276 (OVH)
3 2a0b:4d07:101::1 44239 (PROINITY ...)
3 92.123.148.9 16625 (AKAMAI-AS)
3 35.178.224.52 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 143.204.176.108 16509 (AMAZON-02)
3 65.9.95.76 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.1.108 54113 (FASTLY)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 185.83.71.234 55081 (24SHELLS)
1 76.223.111.18 16509 (AMAZON-02)
2 2.19.217.60 16625 (AKAMAI-AS)
2 172.64.149.180 13335 (CLOUDFLAR...)
6 3.10.29.13 16509 (AMAZON-02)
1 69.173.144.165 26667 (RUBICONPR...)
3 3 34.197.138.42 14618 (AMAZON-AES)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
6 52.223.40.198 16509 (AMAZON-02)
1 2 52.46.128.147 16509 (AMAZON-02)
1 64.95.96.108 32475 (SINGLEHOP...)
1 3.69.41.2 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 2607:ae80:4::25 26558 (FREEWHEEL)
1 18.165.183.22 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 15.197.133.55 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 172.217.18.2 15169 (GOOGLE)
3 3 3.120.25.220 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 142.250.184.194 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 44.213.166.60 14618 (AMAZON-AES)
389 97
18    160.153.94.137 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 137.94.153.160.host.secureserver.net
www.catolicoorante.com.br
7    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
24    141.94.202.176 (France)

ASN16276 (OVH, FR)
PTR: ns31491888.ip-141-94-202.eu
amer.hhkld.com
cdn2.viads.net
hhkld.com
rtb.hhkld.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:9000:2127:ea00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    18.245.143.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-143-58.lhr5.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:1000:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
8    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    54.194.196.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-196-88.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    172.67.68.162 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
5    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
7    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
cm.adform.net
1    54.93.152.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-152-216.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
proc.ad.cpe.dotomi.com
1    2607:4f00:932::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
9    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
setupad-d.openx.net
google-bidout-d.openx.net
us-u.openx.net
u.openx.net
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
1    2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    3.160.196.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-196-77.mrs52.r.cloudfront.net
config.aps.amazon-adsystem.com
1    65.9.93.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-93-173.prg50.r.cloudfront.net
aax.amazon-adsystem.com
9    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
2    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
45    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
1    157.90.0.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.0.90.157.clients.your-server.de
s.richaudience.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
11    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
26    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
12    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net
ad.doubleclick.net
5994599.fls.doubleclick.net
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
12    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
2    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
6    2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com
sync.teads.tv
4    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
12    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
hal9000.redintelligence.net
4    138.201.63.150 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal90008.redintelligence.net
5    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal900025.redintelligence.net
3    138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
9    91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
3    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
3    92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com
www.awin1.com
3    35.178.224.52 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-224-52.eu-west-2.compute.amazonaws.com
track.webgains.com
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    143.204.176.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-176-108.lhr50.r.cloudfront.net
analytics.webgains.io
3    65.9.95.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-76.prg50.r.cloudfront.net
cdn.track.production.webgains.team
7    2607:f8b0:4008:806::2003 (Plant City, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
1    185.83.71.234 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
6    3.10.29.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
api.webgains.io
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    34.197.138.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-138-42.compute-1.amazonaws.com
i.liadm.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2600:1f18:ed:550f:4485:60d2:df0:ecb9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
6    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    3.69.41.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a05:d018:d29:3601:c84a:f3f:c1a8:24dc (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    18.165.183.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-22.zrh55.r.cloudfront.net
choices.trustarc.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:10::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r5---sn-4g5lznes.c.2mdn.net
1    15.197.133.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4b61a47cf5978487.awsglobalaccelerator.com
de2-bid.adsrvr.org
1    2600:9000:223c:a400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
googleads4.g.doubleclick.net
3    3.120.25.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-25-220.eu-central-1.compute.amazonaws.com
red.vtracy.de
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
ade.googlesyndication.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    44.213.166.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-166-60.compute-1.amazonaws.com
choices-or.trustarc.com
Apex Domain
Subdomains		 Transfer
79 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
ade.googlesyndication.com — Cisco Umbrella Rank: 293
558 KB
52 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
pubads.g.doubleclick.net — Cisco Umbrella Rank: 414
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
352 KB
24 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37721
hal90008.redintelligence.net — Cisco Umbrella Rank: 251183
hal900025.redintelligence.net — Cisco Umbrella Rank: 263088
hal900010.redintelligence.net — Cisco Umbrella Rank: 243345
164 KB
23 hhkld.com
amer.hhkld.com — Cisco Umbrella Rank: 97475
hhkld.com — Cisco Umbrella Rank: 13775
rtb.hhkld.com — Cisco Umbrella Rank: 135415
511 KB
18 catolicoorante.com.br
www.catolicoorante.com.br
607 KB
16 gstatic.com
csi.gstatic.com Failed
www.gstatic.com
fonts.gstatic.com
105 KB
14 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 487
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 MB
11 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
setupad-d.openx.net — Cisco Umbrella Rank: 58986
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
u.openx.net — Cisco Umbrella Rank: 672
2 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
bidder.criteo.com — Cisco Umbrella Rank: 776
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com — Cisco Umbrella Rank: 550
20 KB
9 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 24395
api.webgains.io — Cisco Umbrella Rank: 59842
56 KB
9 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47317
3 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 610
22 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
insight.adsrvr.org — Cisco Umbrella Rank: 557
de2-bid.adsrvr.org — Cisco Umbrella Rank: 13814
26 KB
7 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
4 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
76 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
545 KB
6 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
978 B
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
319 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
68 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
2 KB
4 setupad.com
node.setupad.com — Cisco Umbrella Rank: 47970
961 B
4 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 93
2 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r5---sn-4g5lznes.c.2mdn.net
55 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042
106 KB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
16 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
24 KB
3 vtracy.de
red.vtracy.de — Cisco Umbrella Rank: 113854
2 KB
3 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264
7 KB
3 webgains.com
track.webgains.com — Cisco Umbrella Rank: 49821
5 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13930
2 KB
3 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 128498
3 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1673
a.ad.gt — Cisco Umbrella Rank: 1869
4 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
25 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
72 KB
3 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4156
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
10 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
5 KB
2 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 875
choices-or.trustarc.com — Cisco Umbrella Rank: 3869
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
2 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
511 B
2 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 4825
sync.adtelligent.com — Cisco Umbrella Rank: 6860
2 KB
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3862
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2813
691 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
738 B
2 adform.net
adx.adform.net — Cisco Umbrella Rank: 4544
cm.adform.net — Cisco Umbrella Rank: 1211
645 B
2 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 41482
1 KB
2 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7367
2 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
315 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
63 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
638 B
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1795
580 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
653 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
146 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
283 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1215
414 B
1 richaudience.com
s.richaudience.com — Cisco Umbrella Rank: 21128
371 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1790
10 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
362 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
285 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 viads.net
cdn2.viads.net — Cisco Umbrella Rank: 101181
95 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
2 KB
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 40156
131 KB
389 63
Domain Requested by
45 pagead2.googlesyndication.com imasdk.googleapis.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.catolicoorante.com.br
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.googletagservices.com
26 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.catolicoorante.com.br
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
20 hhkld.com cdn2.viads.net
cdnjs.cloudflare.com
18 www.catolicoorante.com.br 1 redirects www.catolicoorante.com.br
12 hal9000.redintelligence.net e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
hal90008.redintelligence.net
hal900025.redintelligence.net
hal900010.redintelligence.net
12 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
12 googleads.g.doubleclick.net e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
pagead2.googlesyndication.com
11 pubads.g.doubleclick.net imasdk.googleapis.com
9 pv.medialead.de hal90008.redintelligence.net
hal900025.redintelligence.net
hal900010.redintelligence.net
9 imasdk.googleapis.com cdn2.viads.net
imasdk.googleapis.com
7 csi.gstatic.com imasdk.googleapis.com
7 ib.adnxs.com 2 redirects stpd.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
7 www.googletagmanager.com www.catolicoorante.com.br
adv.office-partner.de
www.googletagmanager.com
6 api.webgains.io analytics.webgains.io
6 fonts.gstatic.com fonts.googleapis.com
6 5994599.fls.doubleclick.net 3 redirects e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
6 sync.teads.tv googleads.g.doubleclick.net
6 us-u.openx.net googleads.g.doubleclick.net
6 ad.doubleclick.net www.catolicoorante.com.br
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
imasdk.googleapis.com
6 e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 gum.criteo.com 2 redirects stpd.cloud
static.criteo.net
5 hal900025.redintelligence.net 1 redirects e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
hal900025.redintelligence.net
5 fonts.googleapis.com e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
www.catolicoorante.com.br
hal90008.redintelligence.net
hal900025.redintelligence.net
hal900010.redintelligence.net
5 www.googletagservices.com e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
www.catolicoorante.com.br
4 insight.adsrvr.org imasdk.googleapis.com
4 hal90008.redintelligence.net 1 redirects e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
hal90008.redintelligence.net
4 node.setupad.com stpd.cloud
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 secure.cdn.fastclick.net www.catolicoorante.com.br
secure.cdn.fastclick.net
4 securepubads.g.doubleclick.net www.catolicoorante.com.br
securepubads.g.doubleclick.net
3 red.vtracy.de 3 redirects
3 i.liadm.com 3 redirects
3 cdn.track.production.webgains.team e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
track.webgains.com
3 analytics.webgains.io track.webgains.com
3 adservice.google.com 5994599.fls.doubleclick.net
3 track.webgains.com e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
3 www.awin1.com hal90008.redintelligence.net
hal900025.redintelligence.net
hal900010.redintelligence.net
3 adv.office-partner.de hal90008.redintelligence.net
hal900025.redintelligence.net
hal900010.redintelligence.net
3 hal900010.redintelligence.net hal9000.redintelligence.net
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
hal900010.redintelligence.net
3 www.gstatic.com www.catolicoorante.com.br
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
3 id5-sync.com stpd.cloud
cdn.id5-sync.com
3 c.amazon-adsystem.com stpd.cloud
c.amazon-adsystem.com
3 static.criteo.net securepubads.g.doubleclick.net
stpd.cloud
static.criteo.net
3 cdn.jsdelivr.net www.catolicoorante.com.br
securepubads.g.doubleclick.net
stpd.cloud
2 ade.googlesyndication.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 match.adsrvr.org ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 eus.rubiconproject.com stpd.cloud
eus.rubiconproject.com
2 s0.2mdn.net imasdk.googleapis.com
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
2 id.hadron.ad.gt cdn.hadronid.net
2 mug.criteo.com www.catolicoorante.com.br
2 ap.lijit.com stpd.cloud
2 prebid-stag.setupad.net stpd.cloud
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 oajs.openx.net 1 redirects www.catolicoorante.com.br
2 script.4dex.io stpd.cloud
script.4dex.io
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
www.catolicoorante.com.br
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.catolicoorante.com.br
2 region1.google-analytics.com www.googletagmanager.com
2 amer.hhkld.com www.catolicoorante.com.br
amer.hhkld.com
1 choices-or.trustarc.com imasdk.googleapis.com
1 cdnjs.cloudflare.com cdn2.viads.net
1 dsp.adfarm1.adition.com 1 redirects
1 googleads4.g.doubleclick.net
1 secure-gl.imrworldwide.com
1 de2-bid.adsrvr.org
1 r5---sn-4g5lznes.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 choices.trustarc.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 x.bidswitch.net ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 i6.liadm.com ssum-sec.casalemedia.com
1 dis.criteo.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 js-sec.indexww.com stpd.cloud
1 eb2.3lift.com stpd.cloud
1 u.openx.net stpd.cloud
1 cm.adform.net stpd.cloud
1 sync.adtelligent.com stpd.cloud
1 hbx.media.net 1 redirects
1 acdn.adnxs.com stpd.cloud
1 rtb.hhkld.com imasdk.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 a.ad.gt cdn.hadronid.net
1 s.richaudience.com imasdk.googleapis.com
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 cdn.hadronid.net www.catolicoorante.com.br
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 fastlane.rubiconproject.com stpd.cloud
1 prebid-eu.creativecdn.com stpd.cloud
1 setupad-d.openx.net stpd.cloud
1 mp.4dex.io stpd.cloud
1 bidder.criteo.com stpd.cloud
1 ghb.adtelligent.com stpd.cloud
1 web.hb.ad.cpe.dotomi.com stpd.cloud
1 tlx.3lift.com stpd.cloud
1 adx.adform.net stpd.cloud
1 prebid.a-mo.net stpd.cloud
1 htlb.casalemedia.com stpd.cloud
1 ups.analytics.yahoo.com connectid.analytics.yahoo.com
1 lb.eu-1-id5-sync.com stpd.cloud
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 cdn2.viads.net amer.hhkld.com
1 www.facebook.com www.catolicoorante.com.br
1 stpd.cloud www.catolicoorante.com.br
389 115
Subject Issuer Validity Valid
catolicoorante.com.br
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-06-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
stpd.cloud
E1		 2023-10-18 -
2024-01-16		 3 months crt.sh
hhkld.com
R3		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-14 -
2023-12-13		 3 months crt.sh
cdn2.viads.net
R3		 2023-10-18 -
2024-01-16		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
node.setupad.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
pv.medialead.de
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
adv.office-partner.de
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh

This page contains 61 frames:

Primary Page: https://www.catolicoorante.com.br/
Frame ID: 50C649FBA698F3E68AE948D788798441
Requests: 122 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FCatolicoOrante&send=false&layout=standard&width=450&show_faces=true&action=like&colorscheme=light&font=tahoma&height=80&appId=309775235785366
Frame ID: 3ACEF241FD6A827E1E40E2CD13505A2F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.catolicoorante.com.br
Frame ID: 4AED1A9CCD6E74EFED57330AB81C38F4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Frame ID: 17B271C873F89954B0CEF731E131E5CB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D1BA5FF85A835A5CAA203ED615B026EB
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: FB82AE641199082C3065AC0F5355F640
Requests: 1 HTTP requests in this frame

Frame: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F1A0EDED4AE27FED6F12F124F99C4EC2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Frame ID: 5838F5230344CBAACC1DA9705A185B96
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 17B63E89395D405D8C1AB205BB0F3901
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9AAD2BB5752D6E80C643498D9D0413B2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F3115F3253BB733B7780CC8BF500A97
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.catolicoorante.com.br
Frame ID: 8757E23A9FAA1B682FD6E7B7846C4BDC
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Frame ID: AD6324260AD53BC8799596F10575B2F5
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E29635AED9495FBA8AC8617512927705
Requests: 1 HTTP requests in this frame

Frame: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1DCD61C1A94F06E136D93428DBD5A599
Requests: 13 HTTP requests in this frame

Frame: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8AD6AAFFFA0403A54E412053E9C0BD61
Requests: 5 HTTP requests in this frame

Frame: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3BB125324FF5D9862DE67D60E6ADDD1F
Requests: 22 HTTP requests in this frame

Frame: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F355088EDD0D2DB5F703013A955F24C8
Requests: 23 HTTP requests in this frame

Frame: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 12D03B2E9DA58BCA4C2748676D070348
Requests: 22 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Frame ID: 5EBED1FAB352454C8FE4E797263222E4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 61EF6E23A2F00CE606EEE82FE0D4A0C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiWv5D6ATAB&v=APEucNWEq80pc9GFqUwmTWHyLACaKvnmYCDioUJluSkPyGr_8YrlzVMWlO05pWN3z0itFZKlGd77xTO_7rbp1zTYa10wRrQ8UUCPDhAEqynJmQXHGKk8jMfWmpSviwfejwYhUHCgyLtruWSUDOxzYIT9meTqkEch23q1cq6Uk4rEHKhHSEvPn4ndjDMl6ifA_h41vBhiikkQa0SLShD6MiZB-UUJkJo7IQ
Frame ID: 14060ECB69A91770C5C69D45B594AC13
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DAB289631FEEC66099FE894864CDAB26
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWrEWotNImoc38ZCGPBNxULO1jrE2cQmKDndmKLC2oWxvkLwYaexn-zY2jukGmDQTGmXLl0BOw_rVAEtlCTl4Y4TBNmjEQnaA8lPaoQILUxF8pk0FBmA-ckYsgUJA92Q4rJjcgnB3u6sP3EufHwOemLoObwiglYeXQKytbgLElKF5LYC2DW98Ywzq1Hr9YckTw-V5pwxgDh47O8hofWlmRnZv0yuw
Frame ID: 2273BC98B84394DA95CC23C17243F613
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWb6toEaFLM23AXi7zrdYvVPSSjpktvhPKS0UfjfDP6xACeMe7YWoJ2COIZjghBof_usx9NYyCL2Dt60lFJmBWMNfYq5jJxpk8HSS0-Ly29gWYxfOvYp1YRsRbizoXnNbL_RcLLmWFDOceIZrmarVzta315RgB_p_Q-rT4PkX-UREdrkdGKYXHqqsiZSWAn0ZMqQ5KFpq4Yun-BaNZXQ1hUOEb5Kw
Frame ID: 37E5A039609F4ABFEF3D229E580EBB50
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVHhYRyOCLwgJmOn2B52MEiXXTmZYZx1MxV6aXQHnQxIQlEhu4wFbTh9sK5pC8cP2an8nU4F9FD7tWL4tpNs_7KEglJsblVBb7R6o2qGIfoZrzce24wATxGuaqsqkdJv-S0AlSMha8RG3zcBNueqUuLIJDa4Xqi940D2i3IHbf_KAMgYC34Jpin_Oi4-RJl9w8lSMBM_xblzs7D4JDXOcM-YhFfCA
Frame ID: 803A9205F2641CF540B425473E8AECDB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 31131EA1C0106370E928D2D59493243E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: EB624FF4FE194A174A82BFE78D9C42CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4264432D06EB6965420F12491A84BA74
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Frame ID: C7B5618929550E8FCE4E6EB86D0C9D15
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1C21231C33B94F99AF40BC1F43073A23
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D4848C617615CD130251A070DD8437A7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B1EF079B95B0DC3950AC53AB3DC3AE80
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=92615400245745004444994012529008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: A76868EEA78CD27798B84AA8567E961F
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: E18A90AA7A743325D54C982B22F8E351
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=82044700193646804444994012529025&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: E642E8BED56BE798A7462D5FAF8812DB
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: DDABA8401728AF5016E3E45FF60E83B7
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CID71qSp-YIDFRrMOwId67QAWw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537
Frame ID: B616F19BEFD8FE10400FA2C39D0CC4B4
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=92615400245745004444994012529008&a=75cf4a59
Frame ID: 068B74531E256581ABF52DEA25476038
Requests: 8 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=68011200211274704444994012529010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: F6BBB0F012C1FE8D1C5806191361CFEA
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 97DBE9E7118C35071A42AD370C8969E2
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COqE1qSp-YIDFUDMOwIdzlgLEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945
Frame ID: DCB3B793B11E8EB620F35CC65415F8BE
Requests: 2 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=82044700193646804444994012529025&a=8992b0d9
Frame ID: 06576F8CAD07E0CC851FDAF599A671F4
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPbo3KSp-YIDFYzaOwIdurAH-w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625
Frame ID: DC8EB9B0DB27F723CF7E51FDD7077DCD
Requests: 2 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=68011200211274704444994012529010&a=852ae918
Frame ID: 56AA5D5607BDA3C081A7746D566C5E24
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Frame ID: 1D7947102CE982CFE427C12106EB5CE4
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: ED3E8F54BADB3951307B8571BA22D1E2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Frame ID: 0055959F166812F06EB22F3BE36E6796
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0843F896D8DD0824F2F93F75D6A30B19
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 435623F55791B711629311335AC8D0F5
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401985
Frame ID: F05384DD9677A5AE8B2E0B4C8C5019C4
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=139CBC8C5D00E1C6&sp=707647&pb=534151&c=750708&a=754412&domain=https://www.catolicoorante.com.br/&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: 67FAB40308E817A4DBC636196B0C355A
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D139CBC8C5D00E1C6%26sp%3D707647%26pb%3D534151%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fwww.catolicoorante.com.br%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 1F238A6BC6FD3B8F504C3299C53A43A9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 655B7F59B66946CF119E1F288B8919A1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 47AF1DE890AFFBB7B54CCAD806493DB5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1BDC524B8067917B3B46ECD2D53FD020
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 98BE890D2954D82B4BAF5E81AE97892F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 739D5EA5462A3C1BB6A41105BB947448
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Frame ID: 52FA2114FED97F311EC1B3F88191B6F7
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E3F58C1C149A3DC6F6944F1B2DDB5FB9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 900509C2AA46844C69F0D17963569C47
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Católico Orante

Page URL History Show full URLs

  1. http://www.catolicoorante.com.br/ HTTP 302
    https://www.catolicoorante.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

389
Requests

92 %
HTTPS

41 %
IPv6

63
Domains

115
Subdomains

97
IPs

11
Countries

6151 kB
Transfer

26106 kB
Size

45
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.catolicoorante.com.br/ HTTP 302
    https://www.catolicoorante.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&rid=esp&cc=1
Request Chain 66
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=catolicoorante.com.br&sn=ChromeSyncframe&so=0&topUrl=www.catolicoorante.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=tmNjVHxocmtVYTFSOTE4OFQ5K29TTlRzUTNQbzRkSk5lZmM5blNPVTgyOTdwWHdPWnRMRXVjcmkxUkRPbTgrMmo5STZWcnFOUk1UUGZaa0xPdzB5SmRYVEJ5aDhDTWJDVkdjeU1uVHZPdmQwL2x4UE1JTSs0L2VTaUtIQVJ4aGFoTVpGVk5EekNOMzMxK0Y5WXlwaHJoOENxeTZpVEdBZkEyREJOOXdSZ2JNNlRzYS9raTNyMmhnT0xjMGllYnJvN0ZwdmtvZ0xQTTlHcE4wRlcwb2lxYlhSNXdJMEdIVWN4dzRWcjFqQktmamRjZ0tEK2JjbXBGRVRPcGNMV05FQS9NQ1VKdFFOaTdobVdOemdjd0xRaVpaNXh6RVJqRWY0akVRcHhGaGdoZXZIT2JLST18&cppv=2
Request Chain 112
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=catolicoorante.com.br&sn=ChromeSyncframe&so=3&topUrl=www.catolicoorante.com.br&bundle=KwXxG19zakJWejRuczV3dWRyeFJkN3hFc2MyVEVpT21sY0RjVHFxVU5oWDRoS3pRVElWZU9FblE0VW1MZDVSdWZBdkIzeGFYRmhJYVh1QU04Nk5hZ09wQ0g2NGVzbWx4RE55OGZna2xpYldPNkZ3RFlqUnQ5eFFUb0h2YVlNYnhSWG1ZellzeFNFWjBJR3hyODFrcyUyQnZQclZqUEw0NTFUTVoyTGxwam92YUJVRE11TSUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Pp8yFnxnenhCaVRQc0RqVW5vSGsvdnc2MC84OUIzSDUyRU8xU3FTdElFQ2Z5NWtLUERNbjczVkxmQXdaRjY4Wi9mYmQyQXIvQ1d6SDNoUkxUVjFEL0tObVkvdENBZHFIMDEyZ05GMFMrdDFGbm0xT3RIeU9uY1hXOWNZcXpkRmV1aWduNnFLNGdaZkdqZUZHR2hTVVBkQzVXMnl2T2ZLd2t0L0ZLN2g5dG43bkF5RW1qTkNZakpaUnBBR3lBYWZFY0k3QVQwMU1XZzJyZGRKRUV2MlYwVTY4TGhJU3NVdjdJcVo2UCswcGdhejFkaEZST2RHOG1QV1VTK3lOL2k3ZVd6MzlIWlVTSHNMWnNBcXZrUkxXSTczYUJhaDJBend1RCtoOTdYV0UybDh0bDVsbz18&cppv=2
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI05OLI352AwZscsndHAikA&google_cver=1
Request Chain 173
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW.hI9rtvCrs9QKlZ6LNogAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI05OLI352AwZscsndHAikA&google_cver=1&google_hm=2
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHJvw4MLFcbXNE2cike0MnA&google_cver=1
Request Chain 175
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMTE0ODc3NTMzOTE5NTI4
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
Request Chain 217
  • https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG-JiIqFvZb7aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0CiNgOJc2ZIP_jvMwDEdrVrgFkOxRkueoRd2Z7y3BZXfcVfHM5oqlT7cfebVMGzVbFZcZ5Ut3H4RVJj7_sfcr6BNdEU-PQP1KdV6wwmrWLAlHbTosB25yHb7y5nlgzw0zEEeIwVCW0WjEA8mp03SX-_d5QNFjeuJGv7t0xzpOmaQwfIAbnO2l70OVGev2KYIQUDZ7q3ZgaSYTdlqdtr52c_6mXVpUKvnuWiU-1GGfYDC1YzfsxDDwm0eEqD9DRvuKsLzv2I7OW0EwJbn_JLpdf0MlbJ0kWTWj5KM1jl5hoa9gqe63k1Ph87eLij4Ic7NfwWw7-f3D89Dsk05LRJfBOaiR45lRuddxzq1CG2T8LNHOjSvaSWjFOFchFj3PcizZzgPXRjWhDHjH5pqFrLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuIrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_1qt3uT9FCVo8_yJ56ZBDoK0hdR8g%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BSNzIeh9Xa3O10MLHXEKjp42Ut-yCL-_L6IPoT9hMxSKEbonlfcmoMQ9uVaRKB1rTexLhzcqz0G-2Kd0qSudLVrui5SA4hlDPZVvwM0iS9XUwSBFzktVDhwpgIX612Wlu1jxqLEE1VIXr-Qe6gqjr96u3F9nxGjfKGfADfpUbBS7JoAhs%26cry%3D1%26dbm_d%3DAKAmf-A_EXTZ3sHUCt8YS2dZDaafohTW4w-WtnmTrEYCtwtKkNhXevQs820EBto0sqc0VsCLWUMRR7oeSp1hK5HhYj7_dUsKtlQa5kvgc6onrHZbBl3FROIWXgnnWqcQx1KH0Fq1xplYch68JSW6En5L9QZuhl8Wxwq9zJrLigwYqOXuWEdWqiHn6NyqpNaNiE9BbpZYBjwiQKWi4vNFrPo-0EmWXP8SkoiS-n-pYu1HI9YSij0G608cDFl6m3fJpA3s74zlHKXi4QgwInuaAAQsDWdOCCvYLQ3yd4Baz_dM4XHXpg1E4Csu8SGphFPT-OFbdX-ONZ5hjPFLaocaLhALgv9r9BTpuHmcTCLpR8vGdkTMc3L8BUoQ72a5OuWOp5RdgWIJQW1f0SmjiCd3RbDZy8GqInyCLy7mebzMk8Nh0fHn5x9TN7qYa8bWCZfgEyw400DAv0uUxPYhVMowhMtbil-LjBdGEW17S9Y4m0DkiLI-US_ZQ3QUgxo-zXZGzTDyd-xQUMvyqYIUUM1KVdbgsm8LIoTBbXv8C_iJCZnySaKxiHBOjIM-iXBjFEF3fyXnz4Bimktq%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=3147218723056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG-JiIqFvZb7aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0CiNgOJc2ZIP_jvMwDEdrVrgFkOxRkueoRd2Z7y3BZXfcVfHM5oqlT7cfebVMGzVbFZcZ5Ut3H4RVJj7_sfcr6BNdEU-PQP1KdV6wwmrWLAlHbTosB25yHb7y5nlgzw0zEEeIwVCW0WjEA8mp03SX-_d5QNFjeuJGv7t0xzpOmaQwfIAbnO2l70OVGev2KYIQUDZ7q3ZgaSYTdlqdtr52c_6mXVpUKvnuWiU-1GGfYDC1YzfsxDDwm0eEqD9DRvuKsLzv2I7OW0EwJbn_JLpdf0MlbJ0kWTWj5KM1jl5hoa9gqe63k1Ph87eLij4Ic7NfwWw7-f3D89Dsk05LRJfBOaiR45lRuddxzq1CG2T8LNHOjSvaSWjFOFchFj3PcizZzgPXRjWhDHjH5pqFrLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuIrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_1qt3uT9FCVo8_yJ56ZBDoK0hdR8g%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BSNzIeh9Xa3O10MLHXEKjp42Ut-yCL-_L6IPoT9hMxSKEbonlfcmoMQ9uVaRKB1rTexLhzcqz0G-2Kd0qSudLVrui5SA4hlDPZVvwM0iS9XUwSBFzktVDhwpgIX612Wlu1jxqLEE1VIXr-Qe6gqjr96u3F9nxGjfKGfADfpUbBS7JoAhs%26cry%3D1%26dbm_d%3DAKAmf-A_EXTZ3sHUCt8YS2dZDaafohTW4w-WtnmTrEYCtwtKkNhXevQs820EBto0sqc0VsCLWUMRR7oeSp1hK5HhYj7_dUsKtlQa5kvgc6onrHZbBl3FROIWXgnnWqcQx1KH0Fq1xplYch68JSW6En5L9QZuhl8Wxwq9zJrLigwYqOXuWEdWqiHn6NyqpNaNiE9BbpZYBjwiQKWi4vNFrPo-0EmWXP8SkoiS-n-pYu1HI9YSij0G608cDFl6m3fJpA3s74zlHKXi4QgwInuaAAQsDWdOCCvYLQ3yd4Baz_dM4XHXpg1E4Csu8SGphFPT-OFbdX-ONZ5hjPFLaocaLhALgv9r9BTpuHmcTCLpR8vGdkTMc3L8BUoQ72a5OuWOp5RdgWIJQW1f0SmjiCd3RbDZy8GqInyCLy7mebzMk8Nh0fHn5x9TN7qYa8bWCZfgEyw400DAv0uUxPYhVMowhMtbil-LjBdGEW17S9Y4m0DkiLI-US_ZQ3QUgxo-zXZGzTDyd-xQUMvyqYIUUM1KVdbgsm8LIoTBbXv8C_iJCZnySaKxiHBOjIM-iXBjFEF3fyXnz4Bimktq%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=3147218723056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 220
  • https://hal900025.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIKRWIqFvZb_aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0GaPMgbKIFyxZeRdsD4HhFHIqIzM5eNbzt-CLGWIrxFU2_na5kxmxS2K7N7WWl2p9UNk-E2-OIA8tzQGFvSac7RmYRUfWpu6aHmyBtzogWcJ8eHExjky0ktS7DNve-oBANMuH6dumKDsCX-Vm0zcA-NuoNXNrjrEgyVZROzDlN7Zm72ReyJQiuqVM0eEgUlJyc3HNofy1JqGCMXzC4HjDIdInwh9ua8ozZytUCbp18ZwkfXe5OE1kOVYJ4p_JkdG601KfhFxmREfYbxJpBx0QhWhkrqxZ-lCMIamZVpsFk8d6ca3GUiGuYDeUzit6P-DHve9YDKgbv3d4CmwpkQoFCYq56EeRaKrtbxT1tRGG_774jLpoJLsmlsea1BIzGWZ-obmsvHXpXhJ46XYz0XABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuYrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_27NqC_q52rkZgZkvdjsAbpq1VWvQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-B0_VUE1WDnGaaIbdT6VtYKWtlgfDMrfLsi6RSElaID95CsYKnE1FW7zaVZDruFn2EnrbRoxpP_ZwmX4fe_V2UPgzFRGnWut90kMjeesC9aiqqp413Y44RCI3G2X37ko89CCWpg9QR164qUJiUbTEpj6I7NkoqgiCfdqqCgVIeFKlMInqo%26cry%3D1%26dbm_d%3DAKAmf-D5pqqucCx5s2vSNUNkvMT0sPkHTeFZBx1fLZyQXoRKlJ68F_g3fkP0EpvclCgDdgL8zb_rcuWygwQaLWUyXH22ZW9LcUkVrw9LO-PdY0I7o60CDrcrue9jOns19Tz9MZrU7BvWIjfXMgJMVnhdtHsGhm59g3MHfyInaD6PpVFt-wk2yaZDpYAL9kAdPuA-5_tMPlPP_HiF-WuifKvhzaEGXPp6ImLpCPgNUiQG1xyFuHqLO5gBfD3R4ZhiiHiz8xPmNx5xw24qExcdwWykOsFaX0yUl0dul532ydyAJnaEKJXPtsPeAFLDLKsiDjingG2urz4l5uXfLMTCvgz0aQVkZq0epIxAcL2vZmf1Pu-MQSdN7Q5UFUz6rOd8nRfIN1BQ-EActyVd2Mcvy9nlAJlbUaSQ7osyVSthxrTAyDZwV_C7nuE6OkYv2eT2uH46sVI8Pm7zinjLhPWucNTXFh7EbZhBS5QuVzgAv1azMRQs5yqdVHLbnByhlZPNAaC0eZuHV6u9ilNbaSeZyqxB7Uhi0Eti4HxZMJL0WRCWBBKvPxRIwZt3MybP27IkbVaEDuCQbpkm%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=4245406539549&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900025.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIKRWIqFvZb_aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0GaPMgbKIFyxZeRdsD4HhFHIqIzM5eNbzt-CLGWIrxFU2_na5kxmxS2K7N7WWl2p9UNk-E2-OIA8tzQGFvSac7RmYRUfWpu6aHmyBtzogWcJ8eHExjky0ktS7DNve-oBANMuH6dumKDsCX-Vm0zcA-NuoNXNrjrEgyVZROzDlN7Zm72ReyJQiuqVM0eEgUlJyc3HNofy1JqGCMXzC4HjDIdInwh9ua8ozZytUCbp18ZwkfXe5OE1kOVYJ4p_JkdG601KfhFxmREfYbxJpBx0QhWhkrqxZ-lCMIamZVpsFk8d6ca3GUiGuYDeUzit6P-DHve9YDKgbv3d4CmwpkQoFCYq56EeRaKrtbxT1tRGG_774jLpoJLsmlsea1BIzGWZ-obmsvHXpXhJ46XYz0XABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuYrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_27NqC_q52rkZgZkvdjsAbpq1VWvQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-B0_VUE1WDnGaaIbdT6VtYKWtlgfDMrfLsi6RSElaID95CsYKnE1FW7zaVZDruFn2EnrbRoxpP_ZwmX4fe_V2UPgzFRGnWut90kMjeesC9aiqqp413Y44RCI3G2X37ko89CCWpg9QR164qUJiUbTEpj6I7NkoqgiCfdqqCgVIeFKlMInqo%26cry%3D1%26dbm_d%3DAKAmf-D5pqqucCx5s2vSNUNkvMT0sPkHTeFZBx1fLZyQXoRKlJ68F_g3fkP0EpvclCgDdgL8zb_rcuWygwQaLWUyXH22ZW9LcUkVrw9LO-PdY0I7o60CDrcrue9jOns19Tz9MZrU7BvWIjfXMgJMVnhdtHsGhm59g3MHfyInaD6PpVFt-wk2yaZDpYAL9kAdPuA-5_tMPlPP_HiF-WuifKvhzaEGXPp6ImLpCPgNUiQG1xyFuHqLO5gBfD3R4ZhiiHiz8xPmNx5xw24qExcdwWykOsFaX0yUl0dul532ydyAJnaEKJXPtsPeAFLDLKsiDjingG2urz4l5uXfLMTCvgz0aQVkZq0epIxAcL2vZmf1Pu-MQSdN7Q5UFUz6rOd8nRfIN1BQ-EActyVd2Mcvy9nlAJlbUaSQ7osyVSthxrTAyDZwV_C7nuE6OkYv2eT2uH46sVI8Pm7zinjLhPWucNTXFh7EbZhBS5QuVzgAv1azMRQs5yqdVHLbnByhlZPNAaC0eZuHV6u9ilNbaSeZyqxB7Uhi0Eti4HxZMJL0WRCWBBKvPxRIwZt3MybP27IkbVaEDuCQbpkm%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=4245406539549&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 243
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CID71qSp-YIDFRrMOwId67QAWw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537
Request Chain 254
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COqE1qSp-YIDFUDMOwIdzlgLEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945
Request Chain 263
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPbo3KSp-YIDFYzaOwIdurAH-w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625
Request Chain 317
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D139CBC8C5D00E1C6%26sp%3D707647%26pb%3D534151%26c%3D750708%26a%3D754412%26domain%3Dhttps%3A%2F%2Fwww.catolicoorante.com.br%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=139CBC8C5D00E1C6&sp=707647&pb=534151&c=750708&a=754412&domain=https://www.catolicoorante.com.br/&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGanCDUcxh9pgQy2kF7Ww5w&google_cver=1
Request Chain 336
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZW.hI9rtvCrs9QKlZ6LNogAA%263181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZW.hI9rtvCrs9QKlZ6LNogAA%263181&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=952aca83cf3d448a872a67514a679cb2 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wQJYBUEPsXpPqQfaWZIL-kYw-6lY5J5fCPMfRA HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wQJYBUEPsXpPqQfaWZIL-kYw-6lY5J5fCPMfRA
Request Chain 338
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 363
  • https://gcdn.2mdn.net/videoplayback/id/c4de64fe53c9cbd5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621061/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/94FFB1BCBA547C57446288BE32EDAA26CA33E4B7.70D427F4D3B240DF93117ABB1CA750D0F55163C8/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-4g5lznes.c.2mdn.net/videoplayback/id/c4de64fe53c9cbd5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621061/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/10EF4613D56D63C4B3CCB35D95CBF0E34ECEED68.6913E60851AB6F9AFD1845ACDE5E0954CD9A210A/key/cms1/cms_redirect/yes/mh/XP/mip/2a02:6ea0:c71b:0:1012:2834:6614:5e0e/mm/42/mn/sn-4g5lznes/ms/onc/mt/1701814022/mv/u/mvi/5/pl/40/file/file.mp4
Request Chain 372
  • https://red.vtracy.de/img.tr?tr_adid=k30120998_s8521416_p369578998_c195397362&tr_mid=0&tr_sync=true&tr_uid1=DC&gdpr_consent=&gdpr=&t=3679364308 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50&adid=k30120998_s8521416_p369578998_c195397362&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1701814566579&tamgdpr=&tamgdpr_consent=&request_uid=ZW-hJvg4O1yMuCqxkNJwbgAAAIk HTTP 302
  • https://red.vtracy.de/tr_cm?v3=vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50&adid=k30120998_s8521416_p369578998_c195397362&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1701814566579&tamgdpr=&tamgdpr_consent=&request_uid=ZW-hJvg4O1yMuCqxkNJwbgAAAIk&google_gid=CAESEK79pASCDaHSCYgG6rXYgB4&google_cver=1 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fred.vtracy.de%2Ftr_aa%3Fv3%3Dvi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50%26adid%3Dk30120998_s8521416_p369578998_c195397362%26userId%3D%25%25COOKIE%25%25%26tr_timestamp%3D1701814566626%26tr_run%3Dfalse%26tr_ttd%3Dtrue%26tamgdpr%3D%26tamgdpr_consent%3D%26request_uid%3DZW-hJvg4O1yMuCqxkNJwbgAAAIk HTTP 302
  • https://red.vtracy.de/tr_aa?v3=vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50&adid=k30120998_s8521416_p369578998_c195397362&userId=7309237904841635984&tr_timestamp=1701814566626&tr_run=false&tr_ttd=true&tamgdpr=&tamgdpr_consent=&request_uid=ZW-hJvg4O1yMuCqxkNJwbgAAAIk HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50&gdpr=&gdpr_consent=&request_uid=ZW-hJvg4O1yMuCqxkNJwbgAAAIk

389 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.catolicoorante.com.br/
Redirect Chain
  • http://www.catolicoorante.com.br/
  • https://www.catolicoorante.com.br/
13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache / PHP/8.1.24
Resource Hash
8e557e2ae5e80affd8253b1ea7b5130b8e2cdab7e61695015e701861a70532ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
3009
content-type
text/html; charset=UTF-8
date
Tue, 05 Dec 2023 22:16:00 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/8.1.24

Redirect headers

Connection
Keep-Alive
Content-Length
218
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 05 Dec 2023 22:16:00 GMT
Keep-Alive
timeout=5
Location
https://www.catolicoorante.com.br/
Server
Apache
iOS_gray.min.css
www.catolicoorante.com.br/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.catolicoorante.com.br/css/iOS_gray.min.css
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
8c1e2fb03402d2c9b2a28624b9fd6d8c17606d1e3f1102ae9a8aed8c359745a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
last-modified
Fri, 15 Sep 2023 15:41:17 GMT
server
Apache
etag
"518029e-4ae6-605679f8f4140-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2696
jquery.mobile.icons.min.css
www.catolicoorante.com.br/css/ 		124 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.catolicoorante.com.br/css/jquery.mobile.icons.min.css
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
3ddfd25eabeae10fb6bff1219d989f335577c2307fd3425acc9125283c0aaa4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
last-modified
Fri, 15 Sep 2023 15:41:17 GMT
server
Apache
etag
"518114e-1f04f-605679f8f4140-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8039
jquery.mobile.structure-1.4.5.min.css
www.catolicoorante.com.br/css/ 		67 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.catolicoorante.com.br/css/jquery.mobile.structure-1.4.5.min.css
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
7a0e15280ee20fb93c7a0c85ee15c48afd3685b91e5522ba55fcc397b894695a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
last-modified
Fri, 15 Sep 2023 15:41:17 GMT
server
Apache
etag
"51802a5-10c6a-605679f8f4140-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
9740
custom.css
www.catolicoorante.com.br/css/ 		3 KB
952 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.catolicoorante.com.br/css/custom.css
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
404f2470f42a0e99a20c263b2b597b50921b9c33b49883954a49c16117634524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
last-modified
Fri, 15 Sep 2023 15:41:17 GMT
server
Apache
etag
"5180290-afc-605679f8f4140-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
836
jquery-1.11.1.min.js
www.catolicoorante.com.br/js/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.catolicoorante.com.br/js/jquery-1.11.1.min.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
last-modified
Fri, 15 Sep 2023 15:41:20 GMT
server
Apache
etag
"5180278-1762e-605679fbd0800-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32337
jquery.mobile-1.4.5.min.js
www.catolicoorante.com.br/js/ 		195 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.catolicoorante.com.br/js/jquery.mobile-1.4.5.min.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
34c907374e938efced62f13f2a6755f9edcd5634ec946a74d936258ef1335c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
last-modified
Fri, 15 Sep 2023 15:41:20 GMT
server
Apache
etag
"5180279-30dd8-605679fbd0800-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
53128
functions.js
www.catolicoorante.com.br/js/ 		2 KB
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.catolicoorante.com.br/js/functions.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
f927360910160d905cdfc51574946e52162dfc2a089d6eeb938d1317a94c5d0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
last-modified
Fri, 15 Sep 2023 15:41:20 GMT
server
Apache
etag
"51800df-732-605679fbd0800-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
551
jqm-docs.css
www.catolicoorante.com.br/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.catolicoorante.com.br/css/jqm-docs.css
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
bfabc5e8b04eec66b4431a7364a4c76cbb299b39ebbdafe7547b9dc37e3acda9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
last-modified
Fri, 15 Sep 2023 15:41:17 GMT
server
Apache
etag
"518114d-2295-605679f8f4140-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1966
jqm-docs.js
www.catolicoorante.com.br/js/ 		2 KB
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.catolicoorante.com.br/js/jqm-docs.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
38940629e963523e8f1bcca94d86d372c333c7f6fa4252973f70b5f148ddaa11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
last-modified
Fri, 15 Sep 2023 15:41:20 GMT
server
Apache
etag
"5180277-78b-605679fbd0800-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
867
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TG9EP7WBY1
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e13fe27c71bb18d6bca0331a56765248d042a7cdf824461ac6b05c1bf30f47ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86195
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 22:16:01 GMT
in-view.min.js
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
585322
x-jsd-version
0.6.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230025-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYhxgE%2Bm4%2B3FB0GBMozjtqhjHBY6EgzMN1qBUxPm%2FpFjaMmRzYtMJVoo9vsmcXVZvT4fssGXqlMRuvZ1vIm7nFs0FlJrN2cDPPdPwJ4HWUswRU46i4kGUeqgEhaizsbaCWhinmpT%2By5CGCT83OY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
830fa6ae1d8e2c5b-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b646fe6769707fa5b0058c4cbd16400820d523c5a9e49ec882b70988a435d02e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30364
x-xss-protection
0
server
cafe
etag
275 / 19696 / 31079946 / config-hash: 15829356696885602339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:16:01 GMT
3639
stpd.cloud/saas/ 		430 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/saas/3639
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
359fe58a4f9e8cdf54cba69229104d117fa5a26545003edd25e892913c3cb4fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
s-maxage=300
cf-ray
830fa6b23fa671be-FRA
stpdhash
true
load-104541.js
amer.hhkld.com/tag/ 		277 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://amer.hhkld.com/tag/load-104541.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
c0ada3396a5c7fc9d2a65064afaee9c17a81414fa354fcf987ad82da584202d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
qr-code.png
www.catolicoorante.com.br/images/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.catolicoorante.com.br/images/qr-code.png
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
119265cc0709da8217136d9dcbfff4ae7d1e3aec99cbd35bd43ccd8ef6666e87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
last-modified
Fri, 15 Sep 2023 15:41:20 GMT
server
Apache
accept-ranges
bytes
etag
"51802c9-152f8-605679fbd0800"
content-length
86776
content-type
image/png
adaptive-icon.png
www.catolicoorante.com.br/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.catolicoorante.com.br/images/adaptive-icon.png
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
5df62af3b3e903acdfab5cd9c96edd16f9ad0258da0309046f625844c5324f9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
last-modified
Fri, 15 Sep 2023 15:41:20 GMT
server
Apache
accept-ranges
bytes
etag
"518012e-9e2e-605679fbd0800"
content-length
40494
content-type
image/png
banner_diocese.jpg
www.catolicoorante.com.br/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.catolicoorante.com.br/images/banner_diocese.jpg
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
46cf6bd295f28386afc5f433a7623362cff006f29a63c192c0e340dd0d22c45a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
last-modified
Fri, 15 Sep 2023 15:41:20 GMT
server
Apache
accept-ranges
bytes
etag
"5180137-fb15-605679fbd0800"
content-length
64277
content-type
image/jpeg
android_logo.png
www.catolicoorante.com.br/images/ 		209 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.catolicoorante.com.br/images/android_logo.png
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
1b91eaa6e27d0f71c9348d19e5f78bf344f52cfa6ebe325cb5dcfd52ddc857e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
last-modified
Fri, 15 Sep 2023 15:41:20 GMT
server
Apache
accept-ranges
bytes
etag
"5180134-34457-605679fbd0800"
content-length
214103
content-type
image/png
apple_logo.png
www.catolicoorante.com.br/images/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.catolicoorante.com.br/images/apple_logo.png
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
a1c12175de1a0a767410e692e0af3ac427ded63ac1e3f195ab6d36fead747875

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
last-modified
Fri, 15 Sep 2023 15:41:20 GMT
server
Apache
accept-ranges
bytes
etag
"5180136-9902-605679fbd0800"
content-length
39170
content-type
image/png
cristo2.jpg
www.catolicoorante.com.br/images/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.catolicoorante.com.br/images/cristo2.jpg
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
c54ec4bfe7dbed5da4ecd8acfebca9aa51e92576fc5bb0881850fe6945ee93a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
last-modified
Fri, 15 Sep 2023 15:41:20 GMT
server
Apache
accept-ranges
bytes
etag
"518013d-db02-605679fbd0800"
content-length
56066
content-type
image/jpeg
like.php
www.facebook.com/plugins/ Frame 3ACE 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FCatolicoOrante&send=false&layout=standard&width=450&show_faces=true&action=like&colorscheme=light&font=tahoma&height=80&appId=309775235785366
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 05 Dec 2023 22:16:01 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
/4P2iqfuCDh5XGcggXLvSTxzQ8bldGHiw7ucBEovakmKWQgOeXkdplANENhDvbOjz17FWYYAN9KzqSXa7pYABg==
x-xss-protection
0
ajax-loader.gif
www.catolicoorante.com.br/css/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.catolicoorante.com.br/css/images/ajax-loader.gif
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/css/iOS_gray.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.94.137 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
137.94.153.160.host.secureserver.net
Software
Apache /
Resource Hash
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/css/iOS_gray.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
last-modified
Fri, 15 Sep 2023 15:41:17 GMT
server
Apache
accept-ranges
bytes
etag
"51802ad-1862-605679f8f4140"
content-length
6242
content-type
image/gif
truncated
/ 		550 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd015e20f539f3367dcd50dd2819bb137f0d907c720862ff715946065d5a87b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
truncated
/ 		465 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a1eb8e1fe0710673a983ab70704ed6b1c34ccdef2c8b754cd8657b61a0ecdc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
collect
region1.google-analytics.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TG9EP7WBY1&gtm=45je3bt0v894290888&_p=1701814561604&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1968407445.1701814562&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701814561&sct=1&seg=0&dl=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=Cat%C3%B3lico%20Orante&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1788
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TG9EP7WBY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
load-104541.js
amer.hhkld.com/tag/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amer.hhkld.com/tag/load-104541.js?page_url=https%3A%2F%2Fwww.catolicoorante.com.br%2F
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-104541.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
14efa5752b436fa5494bb8753fa6c11e9d3d3af4e390312a1d5ea724fafb84e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 11:36:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38382
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138089
x-xss-protection
0
server
cafe
etag
6648938400208870771
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 04 Dec 2024 11:36:19 GMT
index.js
cdn2.viads.net/1.0.7/ 		190 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.viads.net/1.0.7/index.js
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-104541.js?page_url=https%3A%2F%2Fwww.catolicoorante.com.br%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
f4dab19efec14205e419d50d7d094677303225e0d603b79c59395673d5be3993

Request headers

Referer
https://www.catolicoorante.com.br/
Origin
https://www.catolicoorante.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 13:37:21 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:ea00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:46:00 GMT
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
PRG50-C1
age
1803
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
WQvQcIuTnQVl-AOoj2nzBZ6IhIaIuT4a2VAyI8ygYkHWFnnlhTRGHg==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
31006
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230025-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BP7pxjS2IoOHjA5990D%2Bvj7DyfTJRbs7heAa%2FS12EpKNouxUoOnGTYLBveYoQX%2BOkWXDsmL9yrJNbGnHphbh7hKNydKqvaXyURrcJxXGqazcyLxAaY56DCj29rtudlRoqB4zOkihmGfP7YGDMg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
830fa6b329712c5b-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
THF1B04JGHSEFPSQ
age
287
etag
W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
830fa6b34cf84db3-FRA
x-amz-id-2
qGAOmLb1vwuTdhUs3EjmPZfg+BBSDsFFzIuSRs6mOWJmNa/P3zuGt0YImEWovPnzvXlKjrTolDQ=
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:22:56 GMT
content-encoding
gzip
age
265985
x-guploader-uploadid
ABPtcPre1U4HiY6WqF30zs-7H3NGrszEnSHbVnFT27X9GVDOMMChzfZ-c1a__e4CGhqxzvKP3jY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 01 Dec 2024 20:22:56 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
72936
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
830fa6b359751e50-FRA
expires
Fri, 08 Dec 2023 22:16:01 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 06 Dec 2023 22:16:01 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.143.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-143-58.lhr5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 05:59:07 GMT
content-encoding
gzip
via
1.1 281c9390ff02ec3c7b07e745cb742ca6.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
LHR5-P1
age
58615
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
sn4VRnJpPvhXF5HQeZZ0Ey1iFkVh6l8tUOFTW3CgQeAuFD88oHpbLQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1000:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 05 Dec 2023 10:03:28 GMT
Via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
47146
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
c5CSOzHIrXILrVgCP1bV3OBG5Ku7Xx-ImmqP9EhVx24eS4vWsulNQw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
0fbe07ec781796af4e00f82834ca845e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.catolicoorante.com.br%2F&domain=www.catolicoorante.com.br&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.catolicoorante.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 05 Dec 2023 22:16:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
253737
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ 		270 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:43:07 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 20:39:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1975
etag
W/"aaba284d2b2910b9a4f56befae1e2e69"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
P8YOeguXQ9-dfsq6hDXQ7Ip6J5wyINIakgcR8OcufPwX1Vvg3KbOPQ==
prebid
id5-sync.com/api/config/ 		135 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.catolicoorante.com.br
date
Tue, 05 Dec 2023 22:16:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ 		2 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.catolicoorante.com.br%2F&domain=www.catolicoorante.com.br&cw=1&lsw=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
397453
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231205
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b0b122194485c91aacdd819e8687e299246e28949b99c5c321dbad6aeb3f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22512
x-jsd-version
1.0.1895
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220058-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-EqcVoDJZgWuwiJzEOmym8EehJVA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bm8Q%2FwtDsdK%2Fov8yyF2fs7h1BzNklvGrSccuYrxv0mBTvIpnjRWtGAybFfYZalmDVPHCbGFY8K0PUk4rnRIXib00epMZrRPZtn17b%2F5btFZddhOie9v6YD%2FuhLfh%2BtDVoDh9OCavrI1DpNob4Hc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
830fa6b38f62037c-FRA
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:01 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
745273
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DsnsBjXA%2BJYLEUq0FGNLpHDlAo3xf8WIJEEcM9Qy%2B4dCZpueaWdp1odRhNlxlWld0ye3v%2FCCDxdd7%2FbsNnW8ZlbQCyd86kWEMWnoGfBH8OcNNxTtZ09yx%2BSWF2bk%2FeZ6SowfLTswCSjRTjq"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
830fa6b3abd41e20-FRA
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&rid=esp&cc=1
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
7da74e053f627c2af42abf9c00581ca66956d74c066d7d29f56aa07123e5b981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-5J1xUwFMGKZt9VtSBSRFkDyhaNs"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 05 Dec 2023 22:16:01 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.catolicoorante.com.br
location
/esp?url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 4AED 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.catolicoorante.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:01 GMT
server
Kestrel
server-processing-duration-in-ticks
301034
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
increment
id5-sync.com/api/esp/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.catolicoorante.com.br
date
Tue, 05 Dec 2023 22:16:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/ 		60 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.196.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-196-88.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4df292e1aab61eae1c2ce33b5849e76c5eb2d46bffd8b4bf061f5677612cea23

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache
x-server
10.45.20.125
access-control-allow-credentials
true
content-length
60
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
ae9c5451af9acf0101a5da780b06bf4bc45af1bdb83d6d8502395fe021db3696
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.catolicoorante.com.br
date
Tue, 05 Dec 2023 22:16:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
fed
ups.analytics.yahoo.com/ups/58813/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://www.catolicoorante.com.br
content-type
application/json
access-control-allow-credentials
true
cookie_sync
prebid-stag.setupad.net/ 		42 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7Yv27KFxtShXoksFMdV97LIcP4jhopTF1QPECbg3NS04uMeUAf%2ButgxgYyAmh9rjZ5Od4nFlqyH6BBCNqkNWxhCoj%2FczeBZ6dBWMXInIWE9zute8UhaCLQcbxgiHRxOpfaT5rqCZAGp"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
830fa6b40e17368a-FRA
content-length
42
expires
0
auction
prebid-stag.setupad.net/openrtb2/ 		346 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0b0004d992b2b3cdcb22482c30ebf0099dc1a9a2bea77035a6f54bd0dfe309

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.259.0
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZjHKoeTnCJOsMEL1M%2F1LHaTZiJoBez0KIdlrEh9MIqz%2FuTo9Zut4peYL%2F6Ag1gTIifDICE6Ql1l8pdwIG2C5DNOU5IgjZduZ3Q8127nXX7i90d9qaRNKzfMOhDmHRtZszXYdAMFngw8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
830fa6b40e18368a-FRA
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=819587
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61b656b1d00d0ce0f6c94f57f70f9f81f68db77d7afd672c36b264f1b7c57e7

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iz1hwRJaL6dk4eLERmEByi4H%2FX8lX0nMniSj59%2Bvd8SHPOP94b%2FQTxt7q90nV%2B2PwLYWe%2BPzZJVJxrCawYf2%2Bzumo1CaOsqhckvq62KhkfJU5yAlhKdSnbZGOLApVQpXWHB9vi%2BG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
830fa6b40be89034-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.catolicoorante.com.br
date
Tue, 05 Dec 2023 22:16:01 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
187
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		48 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:01 GMT
an-x-request-uuid
3375b47a-bc09-4a37-915c-c6c357008280
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.133; 138.199.38.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
48
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
tlx.3lift.com/header/ 		19 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&tmax=1000
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.152.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-152-216.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:01 GMT
accept-ch
sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:02 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache
access-control-allow-credentials
true
expires
0
/
ghb.adtelligent.com/v2/auction/ 		16 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8b02a04576f08fe90268edb3c12713fd169357a5101d46fc8c7b79368baed7a3

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 05 Dec 2023 22:16:01 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.catolicoorante.com.br
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1189
cdb
bidder.criteo.com/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.27.0&cb=47161933208&lsavail=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f1f7192930b6b59081b2ccac86768dad41b51a2ab7731613eacbd9aff9ec4833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Dec 2023 22:16:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
bid
ap.lijit.com/rtb/ 		95 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.27.0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4d5eb13eddfd109240999eb7533995518fd97557de5192683c242ce6b33fce11

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 05 Dec 2023 22:16:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.catolicoorante.com.br
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
mp.4dex.io/ 		60 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Tue, 05 Dec 2023 22:16:02 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: stpd-610tz, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: stpd-ektsq, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: stpd-l316u, Process Floors. 6 inventory rules not found for mediatype: banner and adUnitCode: catolicoorante.com.br_970x90_anchor_responsive
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
830fa6b46f3665dc-FRA
expires
0
arj
setupad-d.openx.net/w/1.0/ 		73 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=90ad693a-964e-42c2-aa53-32d6a24df449%2C8832ff16-f253-48b3-b42f-da350eec37cf%2C349a0e9c-06d4-44b9-a475-349dc0d7b9eb%2Cb49eb6d1-d1f4-4f5d-b420-706a45109ffc&nocache=1701814561963&pubcid=40bfbec3-5d1f-4e6a-8f8d-f13f35c0a01d&schain=1.0%2C1!setupad.com%2C1555%2C1%2C%2C%2C&aus=300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250%7C1000x100%2C970x90%2C728x90%2C990x90%2C970x50%2C960x90%2C950x90%2C980x90&divids=stpd-610tz%2Cstpd-ektsq%2Cstpd-l316u%2Ccatolicoorante.com.br_970x90_anchor_responsive&aucs=%2C%2C%2C&auid=557314795%2C557314795%2C557314795%2C557314791
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c87c5f31e6467e8c29921a1041c879800169e3ee13b6c417a4f900fc38fbf22a

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:01 GMT
an-x-request-uuid
286c7a9a-d3b5-4cfd-941d-dfa0212efc3f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.133; 138.199.38.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.catolicoorante.com.br
date
Tue, 05 Dec 2023 22:16:02 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ 		594 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=2217894%3B2217894%3B2217894%3B1923074&size_id=15%3B15%3B15%3B2&alt_size_ids=16%2C159%3B16%2C159%3B16%2C159%3B55&rp_schain=1.0,1!setupad.com,1555,1,,,&rf=https%3A%2F%2Fwww.catolicoorante.com.br%2F&tk_flint=pbjs_lite_v7.27.0&x_source.tid=90ad693a-964e-42c2-aa53-32d6a24df449%3B8832ff16-f253-48b3-b42f-da350eec37cf%3B349a0e9c-06d4-44b9-a475-349dc0d7b9eb%3Bb49eb6d1-d1f4-4f5d-b420-706a45109ffc&l_pb_bid_id=1079d7ae90c16ee6%3B10838753d48281d%3B1097265ebaed4dac%3B110b96711e6efc42&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=4&rand=0.7654279468857912
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
27f971026b5f16bdb394808693b0e749d27798c97e182b595867f1ef2c8054b0

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
sid
mug.criteo.com/ Frame 4AED
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=catolicoorante.com.br&sn=ChromeSyncframe&so=0&topUrl=www.catolicoorante.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=tmNjVHxocmtVYTFSOTE4OFQ5K29TTlRzUTNQbzRkSk5lZmM5blNPVTgyOTdwWHdPWnRMRXVjcmkxUkRPbTgrMmo5STZWcnFOUk1UUGZaa0xPdzB5SmRYVEJ5aDhDTWJDVkdjeU1uVHZPdmQwL2x4UE1JTSs0L2VTaUtIQV...
441 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tmNjVHxocmtVYTFSOTE4OFQ5K29TTlRzUTNQbzRkSk5lZmM5blNPVTgyOTdwWHdPWnRMRXVjcmkxUkRPbTgrMmo5STZWcnFOUk1UUGZaa0xPdzB5SmRYVEJ5aDhDTWJDVkdjeU1uVHZPdmQwL2x4UE1JTSs0L2VTaUtIQVJ4aGFoTVpGVk5EekNOMzMxK0Y5WXlwaHJoOENxeTZpVEdBZkEyREJOOXdSZ2JNNlRzYS9raTNyMmhnT0xjMGllYnJvN0ZwdmtvZ0xQTTlHcE4wRlcwb2lxYlhSNXdJMEdIVWN4dzRWcjFqQktmamRjZ0tEK2JjbXBGRVRPcGNMV05FQS9NQ1VKdFFOaTdobVdOemdjd0xRaVpaNXh6RVJqRWY0akVRcHhGaGdoZXZIT2JLST18&cppv=2
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7badeb31ae3aaa8eee36ca62c1af0f7cc285eee388708050ce4b2efa9f293f29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
988072
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=tmNjVHxocmtVYTFSOTE4OFQ5K29TTlRzUTNQbzRkSk5lZmM5blNPVTgyOTdwWHdPWnRMRXVjcmkxUkRPbTgrMmo5STZWcnFOUk1UUGZaa0xPdzB5SmRYVEJ5aDhDTWJDVkdjeU1uVHZPdmQwL2x4UE1JTSs0L2VTaUtIQVJ4aGFoTVpGVk5EekNOMzMxK0Y5WXlwaHJoOENxeTZpVEdBZkEyREJOOXdSZ2JNNlRzYS9raTNyMmhnT0xjMGllYnJvN0ZwdmtvZ0xQTTlHcE4wRlcwb2lxYlhSNXdJMEdIVWN4dzRWcjFqQktmamRjZ0tEK2JjbXBGRVRPcGNMV05FQS9NQ1VKdFFOaTdobVdOemdjd0xRaVpaNXh6RVJqRWY0akVRcHhGaGdoZXZIT2JLST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
253476
content-length
0
expires
0
481.json
id5-sync.com/g/v2/ 		251 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
46735132123e5be41147f648041a3c0d618b3260569dbc94a78f5fb979e19beb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.catolicoorante.com.br
date
Tue, 05 Dec 2023 22:16:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
config.aps.amazon-adsystem.com/configs/ 		537 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.196.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-196-77.mrs52.r.cloudfront.net
Software
CloudFront /
Resource Hash
b0bc4832bff20424c219616d614a0da01ca98a13026edc54b008aa99db057011

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:57:53 GMT
via
1.1 e5c9ccf9978a5dc7af1f4be82495cd98.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MRS52-P6
age
1089
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
datDib7ur7U9AKbEAen3fsnSgKfCohn5oiN99hqOpBF9S0N12PQOKw==
config
c.amazon-adsystem.com/cdn/prod/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.catolicoorante.com.br&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 16:29:18 GMT
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
20802
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3623
x-amz-cf-id
QzVwHzE8AkjqnRCFLJ2-3uN166vkmDzrQRuJVH_bArhV3dbFkQrD1g==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.catolicoorante.com.br%2F&pid=lauaTQl3INqs2&cb=0&ws=1600x1200&v=23.1129.2055&t=1000&slots=%5B%7B%22sd%22%3A%22stpd-610tz%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22670896558%2Fcatolicoorante.com.br_336x280_desktop%22%7D%2C%7B%22sd%22%3A%22stpd-ektsq%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22670896558%2Fcatolicoorante.com.br_336x280_desktop%22%7D%2C%7B%22sd%22%3A%22stpd-l316u%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22670896558%2Fcatolicoorante.com.br_336x280_desktop%22%7D%2C%7B%22sd%22%3A%22catolicoorante.com.br_970x90_anchor_responsive%22%2C%22s%22%3A%5B%221000x100%22%2C%22970x90%22%2C%22728x90%22%2C%22990x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C22670896558%2Fcatolicoorante.com.br_970x90_anchor_desktop%22%7D%5D&schain=1.0%2C1!setupad.com%2C1555%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.93.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-93-173.prg50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
VV4NS2QYY7CFJCPCGB70
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
xN8PKysTWcOHZAgyknnK02bCzN6q-H4G2mLSOwr98sKP8ltgmpQMig==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 05:34:30 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
60093
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ogTxih6E_4o_cXQzK52hkOwcO_4zguKHMJ5pTaFeW4eLfALhLSnyuQ==
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:02 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
321800
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWqpRKFRcpSsPihdWxVpm0AYR%2BS8Ezpe8UvNng%2FeVxd1n40f4jMn1DmPg8Dly14R3dzqv7uK4a4nrsd%2Fm0ShvI2AtvTZX%2FkUJnz5%2BxByyrR1GQtIAGX9NsXIUPlSxHAmQKOhrZSeGkuRWwLn"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
830fa6b49a169a33-FRA
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
site
hhkld.com/logs/req/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/req/site?sid=104541&uid=50b80a04-b567-4a9f-b1e3-47fb35fb0986&event=playerLoaded&v=20&cb=1701814562187&t_player_start=78&t_page_load=2287
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
dsp
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=104541&tids=30081&v=20&cb=1701814562189&t_player_start=81&t_page_load=2290
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab2bdee249dc6f9a8858d65ec384ef177257e47f2b5d784e9c1caf4d82fa11f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128281
x-xss-protection
0
expires
Tue, 05 Dec 2023 22:16:02 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 05 Dec 2023 22:31:02 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.143.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-143-58.lhr5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:11:20 GMT
content-encoding
gzip
via
1.1 281c9390ff02ec3c7b07e745cb742ca6.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
LHR5-P1
age
67221
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
HeBNqRp_jqxZn51hEUE6sWLqQEDSHIHuUIIFUQ_Ua6VupCDso5IO8w==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ref=&_it=amazon&partner_id=533
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
6580
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
830fa6b5ec9c367e-FRA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
EZ1PSDERW218FAFW
age
3508
etag
W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
830fa6b5bf894db3-FRA
x-amz-id-2
oVMb9IMEvqTWZ9GB/BWAm8aRsH+Zcvpp191pIn1JsRaQpy0cXvIAvv0GANwtze044P3BZQDZL2E=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Tue, 05 Dec 2023 22:31:02 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.196.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-196-88.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
10e99a7be21041e3dd05c48cb19ce6a10e0c350a41dd696eca04a7730ab170cd

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache
x-server
10.45.17.216
access-control-allow-credentials
true
content-length
60
expires
0
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=www.catolicoorante.com.br&url=https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.catolicoorante.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
830fa6b65fad04a3-FRA
content-length
0
content-type
application/json
date
Tue, 05 Dec 2023 22:16:02 GMT
debug
OPTIONS block
expires
Wed, 04 Dec 2024 22:16:02 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		106 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=www.catolicoorante.com.br&url=https://www.catolicoorante.com.br/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ref=&_it=amazon&partner_id=533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f2fc9a98b85c7b3afeac545c86d1f24a99fa59cc3000752666adaa2e13f98ea

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
830fa6b7082b04a3-FRA
bridge3.607.0_en.html
imasdk.googleapis.com/js/core/ Frame 17B2 		751 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
102051
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246373
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:55:11 GMT
expires
Tue, 03 Dec 2024 17:55:11 GMT
last-modified
Mon, 04 Dec 2023 15:54:30 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 22:16:02 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D1BA 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Dec 2023 22:35:04 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame FB82 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 05 Dec 2023 22:16:02 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Tue, 05 Dec 2023 22:31:02 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		347 KB
103 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4498226347652466&correlator=1852264207145624&eid=31078987%2C31079968%2C31079970%2C31079946%2C44807689%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&iu_parts=147246189%3A22670896558%2Ccatolicoorante.com.br_970x90_anchor_desktop%2Ccatolicoorante.com.br_interstitial%2Ccatolicoorante.com.br_336x280_desktop&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F3&prev_iu_szs=970x90%7C1000x100%7C728x90%7C990x90%7C970x50%7C960x90%7C950x90%7C980x90%2C1x1%2C300x250%7C336x280%7C320x250%2C300x250%7C336x280%7C320x250%2C300x250%7C336x280%7C320x250&ifi=1&didk=3904210928~385851010~2560934476~2788957252~3213647463&sfv=1-0-40&ists=8&fas=0%2C8%2C0%2C0%2C0&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701814562364&lmt=1701814562&adxs=0%2C-9%2C80%2C992%2C992&adys=0%2C-9%2C1065%2C431%2C1257&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&vis=1&psz=1600x-1%7C0x-1%7C640x-1%7C480x-1%7C480x-1&msz=1600x-1%7C0x-1%7C640x-1%7C480x-1%7C480x-1&fws=4%2C2%2C4%2C4%2C4&ohw=1600%2C0%2C1600%2C1600%2C1600&ga_vid=1968407445.1701814562&ga_sid=1701814562&ga_hid=1386569909&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGQoKcHViY2lkLm9yZxiK2LXgwzFIAFICCGoSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRj517XgwzFIAFICCGQSFwoIcnRiaG91c2UYsNi14MMxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVNtUXpXRXRRSzA5VFEybEVNRzFpUjJONlVGbFJkejA5SW4wPRiM3LXgwzFIABIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghq&dlt=1701814560959&idt=805&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D115528070c6f289f%26hb_bidder%3Dcriteo%7C%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D11218b46c5c795de%26hb_bidder%3Dcriteo%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.07%26hb_adid%3D113ff348ea5b31bc%26hb_bidder%3Dcriteo%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D114cecda2529a66a%26hb_bidder%3Dcriteo&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=2280894051%2C2714642644%2C3069326686%2C2496449170%2C8701940&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65926557c27a0db201ecfd4df5e141d49a7bbdcf9728dfe3612cc7117deab590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104980
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F1A0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:02 GMT
expires
Wed, 04 Dec 2024 22:16:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl_page_level_ads.js?cb=31079946
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2fdc9998bb1b65f7bd255818faae25b40e971e10880297da69bc7390ba227ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 11:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
38372
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13838
x-xss-protection
0
server
cafe
etag
15153371613945751543
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 04 Dec 2024 11:36:30 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Tue, 05 Dec 2023 22:46:02 GMT
/
s.richaudience.com/vid/qzYNRNx62A/1701814562301/ Frame 17B2 		161 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/vid/qzYNRNx62A/1701814562301/?consentString=&_timestamp=1701814562301
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
47140bff0b022092763677ad76e2c5701f0d421d488c9e20aa60f4d297087a15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
access-control-allow-credentials
true
533
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ref=&_it=amazon&partner_id=533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9106a8e5ad1e3052ed073f8dcd9685580582085bdea341e8876ff8363354c765

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 22:12:38 GMT
server
cloudflare
age
204
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
830fa6b80ca465b4-FRA
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Tue, 05 Dec 2023 22:31:02 GMT
player
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=104541&tid=30081&v=20&cb=1701814562573&t_dsp_request=385&t_player_start=464&t_page_load=2674
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
dsp
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=104541&tids=34088&v=20&cb=1701814562576&t_player_start=467&t_page_load=2676
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
bridge3.607.0_en.html
imasdk.googleapis.com/js/core/ Frame 5838 		751 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
102051
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246373
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:55:11 GMT
expires
Tue, 03 Dec 2024 17:55:11 GMT
last-modified
Mon, 04 Dec 2023 15:54:30 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 17B6 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Dec 2023 22:35:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311300101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a5d37bb26bdd71dc2b0790bb17f0105249fe589cda6a63160fc8ef3f30484a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12203
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 5838 		156 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22785811991%2Fapl%2Fviaaplads8204%2Fvast_075&description_url=www.catolicoorante.com.br&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=308164563568977&&_timestamp=1701814562579&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=3197081657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGQoKcHViY2lkLm9yZxiK2LXgwzFIAFICCGoSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRj517XgwzFIAFICCGQSFwoIcnRiaG91c2UYsNi14MMxSABSAghqEhQKBW9wZW54GPnXteDDMUgAUgIIZBIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghq&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814562659&cookie_enabled=1&scor=1713715446500749&ged=ve4_td2_tt0_pd2_la2000_er0.0.156.300_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Dec 2023 22:16:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9AAD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
24984
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 15:19:38 GMT
expires
Wed, 04 Dec 2024 15:19:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5F31 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f0ed5ac7b07ed001f7aa1a50ebf555ee50e64b8cedbeec0381fe2258e49cca79
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J5TL3J_rof0E0NvH5ACGqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J5TL3J_rof0E0NvH5ACGqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:02 GMT
expires
Tue, 05 Dec 2023 22:16:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9AAD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
25457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 15:11:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5F31 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311300101&jk=4498226347652466&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9AAD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1A_h8Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 06 Dec 2023 22:16:02 GMT
syncframe
gum.criteo.com/ Frame 8757 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.catolicoorante.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:02 GMT
server
Kestrel
server-processing-duration-in-ticks
743431
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 06 Dec 2023 22:16:03 GMT
sid
mug.criteo.com/ Frame 8757
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=catolicoorante.com.br&sn=ChromeSyncframe&so=3&topUrl=www.catolicoorante.com.br&bundle=KwXxG19zakJWejRuczV3dWRyeFJkN3hFc2MyVEVpT21sY0RjVHFx...
  • https://mug.criteo.com/sid?cpp=Pp8yFnxnenhCaVRQc0RqVW5vSGsvdnc2MC84OUIzSDUyRU8xU3FTdElFQ2Z5NWtLUERNbjczVkxmQXdaRjY4Wi9mYmQyQXIvQ1d6SDNoUkxUVjFEL0tObVkvdENBZHFIMDEyZ05GMFMrdDFGbm0xT3RIeU9uY1hXOWNZcX...
449 B
671 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Pp8yFnxnenhCaVRQc0RqVW5vSGsvdnc2MC84OUIzSDUyRU8xU3FTdElFQ2Z5NWtLUERNbjczVkxmQXdaRjY4Wi9mYmQyQXIvQ1d6SDNoUkxUVjFEL0tObVkvdENBZHFIMDEyZ05GMFMrdDFGbm0xT3RIeU9uY1hXOWNZcXpkRmV1aWduNnFLNGdaZkdqZUZHR2hTVVBkQzVXMnl2T2ZLd2t0L0ZLN2g5dG43bkF5RW1qTkNZakpaUnBBR3lBYWZFY0k3QVQwMU1XZzJyZGRKRUV2MlYwVTY4TGhJU3NVdjdJcVo2UCswcGdhejFkaEZST2RHOG1QV1VTK3lOL2k3ZVd6MzlIWlVTSHNMWnNBcXZrUkxXSTczYUJhaDJBend1RCtoOTdYV0UybDh0bDVsbz18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3d4b54a543ebd314e0951aa7abf497e02ea95edea5a0d9e416d0d00916650420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
737364
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Pp8yFnxnenhCaVRQc0RqVW5vSGsvdnc2MC84OUIzSDUyRU8xU3FTdElFQ2Z5NWtLUERNbjczVkxmQXdaRjY4Wi9mYmQyQXIvQ1d6SDNoUkxUVjFEL0tObVkvdENBZHFIMDEyZ05GMFMrdDFGbm0xT3RIeU9uY1hXOWNZcXpkRmV1aWduNnFLNGdaZkdqZUZHR2hTVVBkQzVXMnl2T2ZLd2t0L0ZLN2g5dG43bkF5RW1qTkNZakpaUnBBR3lBYWZFY0k3QVQwMU1XZzJyZGRKRUV2MlYwVTY4TGhJU3NVdjdJcVo2UCswcGdhejFkaEZST2RHOG1QV1VTK3lOL2k3ZVd6MzlIWlVTSHNMWnNBcXZrUkxXSTczYUJhaDJBend1RCtoOTdYV0UybDh0bDVsbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
290182
content-length
0
expires
0
csi
csi.gstatic.com/ Frame 5838 		0
0
player
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=104541&tid=34088&v=20&cb=1701814563041&t_dsp_request=466&t_player_start=932&t_page_load=3142
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
csi
csi.gstatic.com/ Frame 5838 		0
0
dsp
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=104541&tids=34087&v=20&cb=1701814563045&t_player_start=936&t_page_load=3145
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
bridge3.607.0_en.html
imasdk.googleapis.com/js/core/ Frame AD63 		751 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
102052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246373
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:55:11 GMT
expires
Tue, 03 Dec 2024 17:55:11 GMT
last-modified
Mon, 04 Dec 2023 15:54:30 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E296 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Dec 2023 22:35:04 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame AD63 		156 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22785811991%2Fapl%2Fviaaplads7047%2Fvast_075&description_url=www.catolicoorante.com.br&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1775569934217246&&_timestamp=1701814563051&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=1024182231&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGQoKcHViY2lkLm9yZxiK2LXgwzFIAFICCGoSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRj517XgwzFIAFICCGQSFwoIcnRiaG91c2UYsNi14MMxSABSAghqEhQKBW9wZW54GPnXteDDMUgAUgIIZBIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghq&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814563136&cookie_enabled=1&scor=122244535756336&ged=ve4_td2_tt0_pd2_la2000_er0.0.156.300_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311300101&jk=4498226347652466&bg=!JCelJ2jNAAY3kmNgF5I7ADQBe5WfONkP4ZAQeYswPy_nutuduNRT1WeWtpgTCzZJ_vAeUzioEBslmIsMWBJD8ax-tno1AgAAADxSAAAAA2gBB5kCx6HHakYb0vY4fn1Rq6ng8sUNqQBKJN6315OK2uyWVDtSyG4AiEzksDnhTHglMYBiTPTe5-9uER8IbWGp8k0JlaHT15iqn6JqmFRgURqvT1hDV2O2yoB79VPVGj0MyIfM973nvTXTV7wemEdsHYN2b29q9bsuJrsVgwiAIpDfoFNp_cknCelN7iyzRWaH0p5IFT0TqBQTmmxO7gXcT5yS5CVoVmE4qgxEyHKoMrltEMw8_DUOAe6s3oI1_J4IefEzKJ6vFzIfeUPX5gQrizz0pNd02u3NXHgkY1fk42PISHvdhL6IJ6oEdlQ4Z6ZHsYO9QeUlI_Ff2LqV4iGKA2k3HC0KjZFPNKEsTH3BNDca-qe5Cofd4n5Z8iqjUnUjoaXeLg406GVFFT-9pRmNlEegc7C_Ak8mZK_Uz4yk08Mh3QNWSPFzg6aqQDaqyd0bcbEV6uwM9OmDzxdyb0_IUUUzjy23Jbz4HFe05o4ozyk-65DseKZunGOYDS8cJz5UsDKMU0EpNvF3fpop1tolOGWg3-D5yR5a8B_62Xc8iqW81kMUFBaxGUB-3MWsoPfZ3gsIyNAbV0THOEG89y6m-BC8B1GJrfd0V14LHzwO2reYjYq-auPSSPdtApWKwueC7x97a19PjFrO19Xq72WpOZm3zigcVe-KgZf4LnRVnX_Nl0Qoq4jGhZKjcW3dgEDGFVvmRKTHHWXOsGvN_uKcOb6QWL-g8Bc7MoDGUoXrJJcMfuJjvOar1NusYa3VTd5nf-i4fqJTnHBFlAzcwRMTO0PgdPbaB6myWXB7sVz0-UNcOOvveJ3yEWM4O5lLfpL2K8tAZOyNLM9fWU2LMDSvbdp-LHjdbgSi_5QuQOGPhoOvRVJBNIb5Fb6eRUSGUQB99t5NkVGtS6qWu-7kbiE8P56jb1uVpME5O8tmNG3AnH4emTwfiv8DtpV7_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
container.html
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DCD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:02 GMT
expires
Wed, 04 Dec 2024 22:16:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8AD6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:02 GMT
expires
Wed, 04 Dec 2024 22:16:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3BB1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:02 GMT
expires
Wed, 04 Dec 2024 22:16:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F355 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:02 GMT
expires
Wed, 04 Dec 2024 22:16:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 12D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:02 GMT
expires
Wed, 04 Dec 2024 22:16:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame AD63 		0
0
player
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=104541&tid=34087&v=20&cb=1701814563522&t_dsp_request=478&t_player_start=1413&t_page_load=3623
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
csi
csi.gstatic.com/ Frame AD63 		0
0
dsp
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=104541&tids=8599&v=20&cb=1701814563524&t_player_start=1415&t_page_load=3625
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
bridge3.607.0_en.html
imasdk.googleapis.com/js/core/ Frame 5EBE 		751 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
102052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246373
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:55:11 GMT
expires
Tue, 03 Dec 2024 17:55:11 GMT
last-modified
Mon, 04 Dec 2023 15:54:30 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 61EF 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Dec 2023 22:35:04 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1406 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiWv5D6ATAB&v=APEucNWEq80pc9GFqUwmTWHyLACaKvnmYCDioUJluSkPyGr_8YrlzVMWlO05pWN3z0itFZKlGd77xTO_7rbp1zTYa10wRrQ8UUCPDhAEqynJmQXHGKk8jMfWmpSviwfejwYhUHCgyLtruWSUDOxzYIT9meTqkEch23q1cq6Uk4rEHKhHSEvPn4ndjDMl6ifA_h41vBhiikkQa0SLShD6MiZB-UUJkJo7IQ
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame 1DCD 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
23446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 15:45:17 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame 1DCD 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
15590
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 17:56:13 GMT
view
ad.doubleclick.net/pcs/ Frame 1DCD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstaiu2Qsct-bMVpdA-_ejJu9elKC0QlbptSYLDoD7_8wQJ9P4K5Ejv2nL00gGyLQwUzxGncuIGU9G90Y1jPRBlhyur84mPizKe1mY25fuel-bMZkn_2B7L-sdDKP0pNTPn28zrGVehmAzv2xycv939rCKefiOJyDIcAxNnoQFsZDChK5TVepxKnmO21cQbF6ISlv-BMdqMzUAJWLQ9M9f_hNVsTlRHLZ-s7kgNJ_orYx9Wbj06y2aR30s0iTMxRvrNxgvLbL9v337VHdu2-MA0obyc75LdymmmcKI7gTL1VLG_6NXLRuOUFVwMBlonkKuC2ZFcGuRyVdHNTSYdyc8NkXtqiOq_em8hn-WX4rY6piXVq4-5D_a7St_cp5-GmLLRF6awftRYaltpof59XZRkLlt7HUznMt9uj61Hj2enk84OmfsbYdD-9qIiP9dcLkkwkQDLHMe6MhW61tEX-J0koX0uV0oAOpaxHVf59vxHAcfvL1txiA95UE0vmpCNYZAko9YTOHhK9cczMaoJUf78pDmfDOw9N6X9yYf_o5UYJl0ghk6OScbkXtO47FcBRTUAMlIUa1yHpkH-0XzbDC1vtIsVlhVmWZ_OZviCCBNoMhj3JUCpGTPCWCvp8bI49InxfBoDrCdS8Up4OnRN1N5qTrid1xlHrFFzVJ6pQbNXINlQCw1_wEoRaP_tUhj_aRf21iymEoOr46oemC5YayKWzdKVlCzxDn8KMEStWHnqiWu92KUg4LM1mmxcKNr49OFQkpks2zBHzI8iX62UWklqmEc-HFdbhc10TtqkvZFOxuPFzVKZOWKkghFu6ikUZjlaEKSDwgKYGmiz_1t-ik9sY5W9f-mzTGXAvoVd7BcJ4DHlbOO3mH1FBVs9Mz8YR-4b57knTU-W_H59_Ee2RIjh4OeZ6LxlziKIOKkhYkgj2jE9cngPoofG-2u6iu89MLPe4tssHXbaBsL606KMU9rIREwB6OHsxZBodZXtgpNpt1o0NUQRIy0GwLOtrpAfOwWLES6B1gY9NLXhn0gcqY7Z9M0Dz-gS3YS23dRUfik4mhwo4--YWcqhzDJIn162uW6XJ7GGQjG-6l1XgxpsDdLhOyAxzMYi5bJ6yoMwXyHJaIV8W2hYKayyEYtqBebgudQFjZaxMX9O9i5meUJybQ2RW9ir7r09Aj10hn2VMRiI48REEw0g1AjRinQE8G8XsbzBjZXAJBPTqhD16yIvJywJRFLOu1kuOwXk3CVxyc8pV9Q_vW20U7t18juE8Io6obq0_aky_V1UWoPsDhByZlRsBBotGYc-33rzClF7xCkN5VHcfIS-cdTpQKCMGT_BlprCPs066KdojhNHgG_k_LJVtheGNbGStt2XGBXwN9wo40QzFQ1YBVyXAaDZZtbAP8nxsf2RqSRtsMEoXbKfPE7yGgulwebMyDDhCKTNJvd1EOoS2s6aUo1KLdnJQtVvUFpt_VcNRnprLq0gRhg2bzrraQW08CsMdkxRKONn8-Wbdj5TXvbsp&sai=AMfl-YQAweMRHcJGJ8PiB2EJcE6KsyUzq0L45xOekGmwzYc6iQIrv1qsCJ3xs4KwuEt0iudxkwiOUjz9e3q_fG6ho5dRjHgeO0tPH1bqsrn4RRy0EmlyzTRv0fHYChlx34_2u06UrJ-IBsr79_KzVqSOXBBOCtjGlpLiL4TQisvjviPw-o3M8o4Ui_VckaOnNIJrrReP7depgIfi5tk0-5wjDq_3Cx9_X-p6GnWefzIemZG_F2AsGpd0VIvJK_2SJazgw9SDDCX3mxU5if5A6-7ByTTvXnG_awVNof5tz_AAwzYjT262bOEoxgrSuNnG23FzjFaA5WioQQMisjtyLq1mEEMGXhYWBYTnbJNC2zOxzRoVywzxJZ9wjbHT182glNFybeOvHob37M_dPBG3Hr8SRzMADfqXvmGgwvOoQ6yymL5XxhnRmqZ6vFnto9QG8GBKnlPkP8mOsVGvhw8h9C0KIhb08gJqGx3VoS0oJ-Cw6zOlaOKOtokJOHVIGOhQV02y_KgC0QQbzJxm&sig=Cg0ArKJSzOuwdPlzIW5UEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231204.94867&arae=0&ftch=1&adurl=
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Dec 2023 22:16:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1DCD 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
280721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 1DCD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
48589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:46:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 1DCD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
24365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8554
x-xss-protection
0
server
cafe
etag
636498438165408290
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 15:29:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DCD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBDVZ8RJDoPaNj66w020AoIBWm9zUNV--FUHWdaTdthBIqb-th6zRA-NZhsHwEuUXPNYbBfD3Co5vi3s_GXishH0eCd2rp3W_uc0mUZelJfCerGRc
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1DCD 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:16:03 GMT
1726757212055071192
s0.2mdn.net/simgad/ Frame 1DCD 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1726757212055071192
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e5e811ff27f2393bd60fece92e6dc42a68e67a60b0646d13db5145537c64ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:19:22 GMT
x-content-type-options
nosniff
age
50201
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38329
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 11:59:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 08:19:22 GMT
css2
fonts.googleapis.com/ Frame 8AD6 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 21:54:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 22:16:03 GMT
css
fonts.googleapis.com/ Frame DAB2 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 20:18:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 22:16:03 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame DAB2 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:30:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
24358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 15:30:05 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame DAB2 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 19:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 19:50:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame DAB2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
48589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:46:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame DAB2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
24365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8554
x-xss-protection
0
server
cafe
etag
636498438165408290
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 15:29:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DAB2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:16:03 GMT
7a8419aef3683f04c437bd15cecf843d.js
www.gstatic.com/mysidia/ Frame DAB2 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 19:10:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 03 Mar 2024 20:09:22 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame 8AD6 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 19:50:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
8717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 19:50:46 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8AD6 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:13:25 GMT
x-content-type-options
nosniff
age
122558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 03 Dec 2024 12:13:25 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8AD6 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 16:29:57 GMT
x-content-type-options
nosniff
age
20766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 04 Dec 2024 16:29:57 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2273 		640 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWrEWotNImoc38ZCGPBNxULO1jrE2cQmKDndmKLC2oWxvkLwYaexn-zY2jukGmDQTGmXLl0BOw_rVAEtlCTl4Y4TBNmjEQnaA8lPaoQILUxF8pk0FBmA-ckYsgUJA92Q4rJjcgnB3u6sP3EufHwOemLoObwiglYeXQKytbgLElKF5LYC2DW98Ywzq1Hr9YckTw-V5pwxgDh47O8hofWlmRnZv0yuw
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3BB1 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:16:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BB1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BHjupQ4bMmAVhRxzkeMvggETE3eqaMf6CHHYYEpYS6PPHphw4coH1Tb0NZqMgdenZdhq6DY7zEWSD7lkBO0bv9Z0i33sfi18sc5tU2E_mdrh03S1A
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 3BB1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
48589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:46:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 3BB1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
24365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8554
x-xss-protection
0
server
cafe
etag
636498438165408290
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 15:29:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3BB1 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:16:03 GMT
view
ad.doubleclick.net/pcs/ Frame 1DCD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstaiu2Qsct-bMVpdA-_ejJu9elKC0QlbptSYLDoD7_8wQJ9P4K5Ejv2nL00gGyLQwUzxGncuIGU9G90Y1jPRBlhyur84mPizKe1mY25fuel-bMZkn_2B7L-sdDKP0pNTPn28zrGVehmAzv2xycv939rCKefiOJyDIcAxNnoQFsZDChK5TVepxKnmO21cQbF6ISlv-BMdqMzUAJWLQ9M9f_hNVsTlRHLZ-s7kgNJ_orYx9Wbj06y2aR30s0iTMxRvrNxgvLbL9v337VHdu2-MA0obyc75LdymmmcKI7gTL1VLG_6NXLRuOUFVwMBlonkKuC2ZFcGuRyVdHNTSYdyc8NkXtqiOq_em8hn-WX4rY6piXVq4-5D_a7St_cp5-GmLLRF6awftRYaltpof59XZRkLlt7HUznMt9uj61Hj2enk84OmfsbYdD-9qIiP9dcLkkwkQDLHMe6MhW61tEX-J0koX0uV0oAOpaxHVf59vxHAcfvL1txiA95UE0vmpCNYZAko9YTOHhK9cczMaoJUf78pDmfDOw9N6X9yYf_o5UYJl0ghk6OScbkXtO47FcBRTUAMlIUa1yHpkH-0XzbDC1vtIsVlhVmWZ_OZviCCBNoMhj3JUCpGTPCWCvp8bI49InxfBoDrCdS8Up4OnRN1N5qTrid1xlHrFFzVJ6pQbNXINlQCw1_wEoRaP_tUhj_aRf21iymEoOr46oemC5YayKWzdKVlCzxDn8KMEStWHnqiWu92KUg4LM1mmxcKNr49OFQkpks2zBHzI8iX62UWklqmEc-HFdbhc10TtqkvZFOxuPFzVKZOWKkghFu6ikUZjlaEKSDwgKYGmiz_1t-ik9sY5W9f-mzTGXAvoVd7BcJ4DHlbOO3mH1FBVs9Mz8YR-4b57knTU-W_H59_Ee2RIjh4OeZ6LxlziKIOKkhYkgj2jE9cngPoofG-2u6iu89MLPe4tssHXbaBsL606KMU9rIREwB6OHsxZBodZXtgpNpt1o0NUQRIy0GwLOtrpAfOwWLES6B1gY9NLXhn0gcqY7Z9M0Dz-gS3YS23dRUfik4mhwo4--YWcqhzDJIn162uW6XJ7GGQjG-6l1XgxpsDdLhOyAxzMYi5bJ6yoMwXyHJaIV8W2hYKayyEYtqBebgudQFjZaxMX9O9i5meUJybQ2RW9ir7r09Aj10hn2VMRiI48REEw0g1AjRinQE8G8XsbzBjZXAJBPTqhD16yIvJywJRFLOu1kuOwXk3CVxyc8pV9Q_vW20U7t18juE8Io6obq0_aky_V1UWoPsDhByZlRsBBotGYc-33rzClF7xCkN5VHcfIS-cdTpQKCMGT_BlprCPs066KdojhNHgG_k_LJVtheGNbGStt2XGBXwN9wo40QzFQ1YBVyXAaDZZtbAP8nxsf2RqSRtsMEoXbKfPE7yGgulwebMyDDhCKTNJvd1EOoS2s6aUo1KLdnJQtVvUFpt_VcNRnprLq0gRhg2bzrraQW08CsMdkxRKONn8-Wbdj5TXvbsp&sai=AMfl-YQAweMRHcJGJ8PiB2EJcE6KsyUzq0L45xOekGmwzYc6iQIrv1qsCJ3xs4KwuEt0iudxkwiOUjz9e3q_fG6ho5dRjHgeO0tPH1bqsrn4RRy0EmlyzTRv0fHYChlx34_2u06UrJ-IBsr79_KzVqSOXBBOCtjGlpLiL4TQisvjviPw-o3M8o4Ui_VckaOnNIJrrReP7depgIfi5tk0-5wjDq_3Cx9_X-p6GnWefzIemZG_F2AsGpd0VIvJK_2SJazgw9SDDCX3mxU5if5A6-7ByTTvXnG_awVNof5tz_AAwzYjT262bOEoxgrSuNnG23FzjFaA5WioQQMisjtyLq1mEEMGXhYWBYTnbJNC2zOxzRoVywzxJZ9wjbHT182glNFybeOvHob37M_dPBG3Hr8SRzMADfqXvmGgwvOoQ6yymL5XxhnRmqZ6vFnto9QG8GBKnlPkP8mOsVGvhw8h9C0KIhb08gJqGx3VoS0oJ-Cw6zOlaOKOtokJOHVIGOhQV02y_KgC0QQbzJxm&sig=Cg0ArKJSzOuwdPlzIW5UEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=102&vt=11&dtpt=101&dett=2&cstd=0&cisv=r20231204.94867&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 37E5 		640 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWb6toEaFLM23AXi7zrdYvVPSSjpktvhPKS0UfjfDP6xACeMe7YWoJ2COIZjghBof_usx9NYyCL2Dt60lFJmBWMNfYq5jJxpk8HSS0-Ly29gWYxfOvYp1YRsRbizoXnNbL_RcLLmWFDOceIZrmarVzta315RgB_p_Q-rT4PkX-UREdrkdGKYXHqqsiZSWAn0ZMqQ5KFpq4Yun-BaNZXQ1hUOEb5Kw
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F355 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:16:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F355 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AdfXbQxhO2lsU7jsPWdFPLZ2k5wVsuTvcPzTbdWyOvykUNWKl4q4Od81XeEvQ9NJuto32ZTfk5v1VWR3GDW6rFbB3xZHf22J5U_rnRiQU7VM5CFt0
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame F355 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
48589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:46:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame F355 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
24365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8554
x-xss-protection
0
server
cafe
etag
636498438165408290
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 15:29:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F355 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:16:03 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 803A 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVHhYRyOCLwgJmOn2B52MEiXXTmZYZx1MxV6aXQHnQxIQlEhu4wFbTh9sK5pC8cP2an8nU4F9FD7tWL4tpNs_7KEglJsblVBb7R6o2qGIfoZrzce24wATxGuaqsqkdJv-S0AlSMha8RG3zcBNueqUuLIJDa4Xqi940D2i3IHbf_KAMgYC34Jpin_Oi4-RJl9w8lSMBM_xblzs7D4JDXOcM-YhFfCA
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 12D0 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:16:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 12D0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AYKvxsD7OOsbzXCrI1Jl9QjPdLoM738XsILPMOzcv6qYkJ7AxnxJcUBKf3iATV3uNuQDHIyCHSVCMNlq2G8WK2Rw6UdD6x1gCP1eRkTa_0afnoe9Q
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 12D0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
48589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:46:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 12D0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
24365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8554
x-xss-protection
0
server
cafe
etag
636498438165408290
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 15:29:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 12D0 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:16:03 GMT
rum
dsum-sec.casalemedia.com/ Frame 1406
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI05OLI352AwZscsndHAikA&google_cver=1
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI05OLI352AwZscsndHAikA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiWv5D6ATAB&v=APEucNWEq80pc9GFqUwmTWHyLACaKvnmYCDioUJluSkPyGr_8YrlzVMWlO05pWN3z0itFZKlGd77xTO_7rbp1zTYa10wRrQ8UUCPDhAEqynJmQXHGKk8jMfWmpSviwfejwYhUHCgyLtruWSUDOxzYIT9meTqkEch23q1cq6Uk4rEHKhHSEvPn4ndjDMl6ifA_h41vBhiikkQa0SLShD6MiZB-UUJkJo7IQ
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27Gdia1psJFiCNUmVIUr31lTktJsuvD12mz2WONU8WlZY2M%2BcbbKY3IdeIXQ74Uhhr6zP1o27Q%2FqoozyJvBhmLJtT4VFiFNTVlMnS2DAMTVK4ZIIwt0mu6UlGdJKudi2WuZUYbDUtsu%2BFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830fa6c02c6e9034-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI05OLI352AwZscsndHAikA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1406
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW.hI9rtvCrs9QKlZ6LNogAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI05OLI352AwZscsndHAikA&google_cver=1&google_hm=2
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI05OLI352AwZscsndHAikA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiWv5D6ATAB&v=APEucNWEq80pc9GFqUwmTWHyLACaKvnmYCDioUJluSkPyGr_8YrlzVMWlO05pWN3z0itFZKlGd77xTO_7rbp1zTYa10wRrQ8UUCPDhAEqynJmQXHGKk8jMfWmpSviwfejwYhUHCgyLtruWSUDOxzYIT9meTqkEch23q1cq6Uk4rEHKhHSEvPn4ndjDMl6ifA_h41vBhiikkQa0SLShD6MiZB-UUJkJo7IQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znnDe6JykHKQ%2BA6h5v0tvgTw03SZS6ROtFfKCl%2F5ABpFT44Zr6riUZB%2BVgpOhk2nGgINGQlzGKPC636bvJ1yvGhsCG2nhsc03m0X%2Fma5Om7yvr%2FVwDI1Fg7qvtk7S2fKEK2m4vl7QQhTyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830fa6c07a6d3a9a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI05OLI352AwZscsndHAikA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1406
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHJvw4MLFcbXNE2cike0MnA&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHJvw4MLFcbXNE2cike0MnA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiWv5D6ATAB&v=APEucNWEq80pc9GFqUwmTWHyLACaKvnmYCDioUJluSkPyGr_8YrlzVMWlO05pWN3z0itFZKlGd77xTO_7rbp1zTYa10wRrQ8UUCPDhAEqynJmQXHGKk8jMfWmpSviwfejwYhUHCgyLtruWSUDOxzYIT9meTqkEch23q1cq6Uk4rEHKhHSEvPn4ndjDMl6ifA_h41vBhiikkQa0SLShD6MiZB-UUJkJo7IQ
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
an-x-request-uuid
1947c1bf-e6c4-4e86-a986-5b974c621937
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.133; 138.199.38.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHJvw4MLFcbXNE2cike0MnA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1406
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMTE0ODc3NTMzOTE5NTI4
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMTE0ODc3NTMzOTE5NTI4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiWv5D6ATAB&v=APEucNWEq80pc9GFqUwmTWHyLACaKvnmYCDioUJluSkPyGr_8YrlzVMWlO05pWN3z0itFZKlGd77xTO_7rbp1zTYa10wRrQ8UUCPDhAEqynJmQXHGKk8jMfWmpSviwfejwYhUHCgyLtruWSUDOxzYIT9meTqkEch23q1cq6Uk4rEHKhHSEvPn4ndjDMl6ifA_h41vBhiikkQa0SLShD6MiZB-UUJkJo7IQ
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
an-x-request-uuid
579678ea-7cad-4ac3-bc41-48c2eb13d80e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMTE0ODc3NTMzOTE5NTI4
x-proxy-origin
138.199.38.133; 138.199.38.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 1DCD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5784a9b0b3f9a385a59421977d70fce3d94ef63baac2c769929a4f9fc9e51d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3113 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122978
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 12:06:25 GMT
expires
Tue, 03 Dec 2024 12:06:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cs
rtb.hhkld.com/vast/ Frame 5EBE 		71 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.hhkld.com/vast/cs?zone=104541&w=432&h=243&vp=4&site=https%3A%2F%2Fwww.catolicoorante.com.br%2F&gdpr=1&consent=&_timestamp=1701814563527
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
server
nginx
age
0
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept
sd
us-u.openx.net/w/1.0/ Frame 803A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVHhYRyOCLwgJmOn2B52MEiXXTmZYZx1MxV6aXQHnQxIQlEhu4wFbTh9sK5pC8cP2an8nU4F9FD7tWL4tpNs_7KEglJsblVBb7R6o2qGIfoZrzce24wATxGuaqsqkdJv-S0AlSMha8RG3zcBNueqUuLIJDa4Xqi940D2i3IHbf_KAMgYC34Jpin_Oi4-RJl9w8lSMBM_xblzs7D4JDXOcM-YhFfCA
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 803A 		43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVHhYRyOCLwgJmOn2B52MEiXXTmZYZx1MxV6aXQHnQxIQlEhu4wFbTh9sK5pC8cP2an8nU4F9FD7tWL4tpNs_7KEglJsblVBb7R6o2qGIfoZrzce24wATxGuaqsqkdJv-S0AlSMha8RG3zcBNueqUuLIJDa4Xqi940D2i3IHbf_KAMgYC34Jpin_Oi4-RJl9w8lSMBM_xblzs7D4JDXOcM-YhFfCA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 803A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVHhYRyOCLwgJmOn2B52MEiXXTmZYZx1MxV6aXQHnQxIQlEhu4wFbTh9sK5pC8cP2an8nU4F9FD7tWL4tpNs_7KEglJsblVBb7R6o2qGIfoZrzce24wATxGuaqsqkdJv-S0AlSMha8RG3zcBNueqUuLIJDa4Xqi940D2i3IHbf_KAMgYC34Jpin_Oi4-RJl9w8lSMBM_xblzs7D4JDXOcM-YhFfCA
Protocol
H2
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Tue, 05 Dec 2023 22:16:04 GMT
pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 803A 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVHhYRyOCLwgJmOn2B52MEiXXTmZYZx1MxV6aXQHnQxIQlEhu4wFbTh9sK5pC8cP2an8nU4F9FD7tWL4tpNs_7KEglJsblVBb7R6o2qGIfoZrzce24wATxGuaqsqkdJv-S0AlSMha8RG3zcBNueqUuLIJDa4Xqi940D2i3IHbf_KAMgYC34Jpin_Oi4-RJl9w8lSMBM_xblzs7D4JDXOcM-YhFfCA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Tue, 05 Dec 2023 22:16:04 GMT
pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 2273
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWrEWotNImoc38ZCGPBNxULO1jrE2cQmKDndmKLC2oWxvkLwYaexn-zY2jukGmDQTGmXLl0BOw_rVAEtlCTl4Y4TBNmjEQnaA8lPaoQILUxF8pk0FBmA-ckYsgUJA92Q4rJjcgnB3u6sP3EufHwOemLoObwiglYeXQKytbgLElKF5LYC2DW98Ywzq1Hr9YckTw-V5pwxgDh47O8hofWlmRnZv0yuw
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 2273 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWrEWotNImoc38ZCGPBNxULO1jrE2cQmKDndmKLC2oWxvkLwYaexn-zY2jukGmDQTGmXLl0BOw_rVAEtlCTl4Y4TBNmjEQnaA8lPaoQILUxF8pk0FBmA-ckYsgUJA92Q4rJjcgnB3u6sP3EufHwOemLoObwiglYeXQKytbgLElKF5LYC2DW98Ywzq1Hr9YckTw-V5pwxgDh47O8hofWlmRnZv0yuw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 2273
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWrEWotNImoc38ZCGPBNxULO1jrE2cQmKDndmKLC2oWxvkLwYaexn-zY2jukGmDQTGmXLl0BOw_rVAEtlCTl4Y4TBNmjEQnaA8lPaoQILUxF8pk0FBmA-ckYsgUJA92Q4rJjcgnB3u6sP3EufHwOemLoObwiglYeXQKytbgLElKF5LYC2DW98Ywzq1Hr9YckTw-V5pwxgDh47O8hofWlmRnZv0yuw
Protocol
H2
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Tue, 05 Dec 2023 22:16:04 GMT
pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 2273 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWrEWotNImoc38ZCGPBNxULO1jrE2cQmKDndmKLC2oWxvkLwYaexn-zY2jukGmDQTGmXLl0BOw_rVAEtlCTl4Y4TBNmjEQnaA8lPaoQILUxF8pk0FBmA-ckYsgUJA92Q4rJjcgnB3u6sP3EufHwOemLoObwiglYeXQKytbgLElKF5LYC2DW98Ywzq1Hr9YckTw-V5pwxgDh47O8hofWlmRnZv0yuw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Tue, 05 Dec 2023 22:16:04 GMT
pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 37E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWb6toEaFLM23AXi7zrdYvVPSSjpktvhPKS0UfjfDP6xACeMe7YWoJ2COIZjghBof_usx9NYyCL2Dt60lFJmBWMNfYq5jJxpk8HSS0-Ly29gWYxfOvYp1YRsRbizoXnNbL_RcLLmWFDOceIZrmarVzta315RgB_p_Q-rT4PkX-UREdrkdGKYXHqqsiZSWAn0ZMqQ5KFpq4Yun-BaNZXQ1hUOEb5Kw
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFFQc8yZCMgZTvVw0y9B_Hs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 37E5 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWb6toEaFLM23AXi7zrdYvVPSSjpktvhPKS0UfjfDP6xACeMe7YWoJ2COIZjghBof_usx9NYyCL2Dt60lFJmBWMNfYq5jJxpk8HSS0-Ly29gWYxfOvYp1YRsRbizoXnNbL_RcLLmWFDOceIZrmarVzta315RgB_p_Q-rT4PkX-UREdrkdGKYXHqqsiZSWAn0ZMqQ5KFpq4Yun-BaNZXQ1hUOEb5Kw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 37E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWb6toEaFLM23AXi7zrdYvVPSSjpktvhPKS0UfjfDP6xACeMe7YWoJ2COIZjghBof_usx9NYyCL2Dt60lFJmBWMNfYq5jJxpk8HSS0-Ly29gWYxfOvYp1YRsRbizoXnNbL_RcLLmWFDOceIZrmarVzta315RgB_p_Q-rT4PkX-UREdrkdGKYXHqqsiZSWAn0ZMqQ5KFpq4Yun-BaNZXQ1hUOEb5Kw
Protocol
H2
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Tue, 05 Dec 2023 22:16:04 GMT
pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOMhEhPfV42GOOVH_EaXnQ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 37E5 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWb6toEaFLM23AXi7zrdYvVPSSjpktvhPKS0UfjfDP6xACeMe7YWoJ2COIZjghBof_usx9NYyCL2Dt60lFJmBWMNfYq5jJxpk8HSS0-Ly29gWYxfOvYp1YRsRbizoXnNbL_RcLLmWFDOceIZrmarVzta315RgB_p_Q-rT4PkX-UREdrkdGKYXHqqsiZSWAn0ZMqQ5KFpq4Yun-BaNZXQ1hUOEb5Kw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Tue, 05 Dec 2023 22:16:04 GMT
pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BB1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2374060200092&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BB1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2374060200092&version=m202309260101&ct=77&x=1&cor=7631771484594619000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3BB1 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADPM4Lih8B6qixL1dXfcV5LjFMY9hhCn6Pre7Xf7NPQLFatiT5YafuGeap3-ZjQY2Zna4wwULrrYkR6kg98CXsjFE9tw5NIunOfx4h2AkXkGNCU15yeZrWRYdL_KWSMAvBYhjzW5zGhRHUW5o9_SRa4dgBgCcxttmp9zgHKjelpYaouiM&cry=1&dbm_d=AKAmf-DJjW5pe79mffd3BKIbhw8s6f8eC-6B7nPC_ynO0N6tgbJmSTWkSzvYzvtaymaiIU-z0BNRNxl2DQLgjIfrCnKrNY5R0aKdl6DHYQd2RaZ9e8ZRd0s-Gff86Pw3LpHdZHlUeaRrb2_QxFBHIY-M0Yy6FKvHMa_Pul9ALNlTA-tIV3ewjBmQg8tp_BbdWTqj4fiCVeUafMI9Wh_8VgGploUwlxxgNwEZNasmqsaFnshRlCXx3sC8ZMc7VUmNSLncKDqZYbTjeQOeQMMmmhWnvKYhyB5FWhhcK10uky-mJjjiULzHbc8Ya-dRYnvNxbN7-h9-dXFZHd0diGoUEfV8R2_Iiw4vr4MWc2YG45s7gD7yL1kREIC7TzKn-DqhFnriibSmTyUQoS_fk2byOROOfuc7Bmrd2KYwCwJJM_kaeYXJAam9VIcaobrGhLxQWYk-xB8DhTfEgyDy-VWbC87aDKv9clDK7cMO6vNlkRl7YcpQpPkJuraQxy3VyXGx__YWYaEqnFDcIx6WhpfHtl1jszeSi2UOvfm8rQ3Y5uKV8Z0GDTFO2V90ls1X3vmHJlKXXHWvL76QErOGvpdOGeQioslcY4_d5aUvBe3AjAZ7Kp2wI4iqM_TGzGnKWAAkfjfwdCS4JZSEbv5nqFX7FNsTV94YAAjB0Ecn8XRncbJkwdhmr4pE0xuJ0mHA5nLXxLgDyj14jwROm8-pcT2L9oDpHmdBdX-da1upzHqRliu6PmamdM5-vsh6Egy13lAcuEIYqOKXjSpir0pt3Hya-eZ7Tr8c-lQktO8gaEKo5gNnpVtJWmGGeX-vL2Q0nIEiAD6Bz7r4xxV-tdEFlzwkUiD3sK3jHO3ZQTj4VxTvmh8-CZAeTkWcmcQow85iev4fGiPtW-OKv5kLLRUaP_drN1225_Qzqv4AMaC_HjgJ7b_vkr5y6Sp9T0X0d-WE66Fusv3L0cCY74KtbquPQn4PJkItsZjYcI6_xzYulx61tq2ity-FUulRuReA5hZ3lXKU8pbjVBltve2LcU0SaG0N-DzXJeGmi7C3i1uG7u80WrqnvKcDC5TNidQQuneJI8aoJC6kk2Hljbn5m4UTo9ZgcoArFXE9y52-QpN04SF_GNhvgkgSM61yxkMD4D6BIcm2N2fvMJqsOHZhhusPBSwG8f8w4Ohj8E2qmhy56JE_qUkECrNh-r2oUzlAI25OtOnx1kBSQWfzCcN22lobrbgGvHQ5jnM8x1C2b_8Ne3pvxkg5i7rukzW3q_O5JDS_hGf0yEfuf9-NLIJz2zCmPnhvadHMZWS1TnK7vcii3YNlPSoNau2jvx1UY5HuBpXwtmdoUBSN5BrIRvsUz0aa5LFMex_O3Y77m1VLhqDsVUuCitPEJKhJbLlEbbKI5CGtQAMGZPzoBpKi3m0p0T_Szqb7T4foaTKLTl2eA0-w-aHBTiGslasf5wCelBo4P8PJdvMGvcE5sONTJicPatghptw6-AJUO3lPwuR8AQHeKOeqe8tIpb4MybdosyeerOokO2Gw4MPrGNz9R-WUsLweRkAbiHc8w8gVqtn3zNvFHOj06C_y6d3mNeWmObDukzps851fPdJymfzvOotHWxSyY4ShPWG2quKsg_1BpWydMRbcDwTh1xwte3nxLj-UEKUiW6mh6kIasnZUvDuDkfwINlaF2gN7cmJ2ZpuKIY2eTorJD-h2cytvxgbwBoVlocnJndZ-MIzyBWRe76kgam-DrcsJlqMU00Xju3do5Mhb9Nh9MZMJaxqXD0gWT9F2o1vaKhyYC5EYSm6Y11GSAh17lwWu7l9Z92J-FhN6Gpamhq5WSX5CmBviu9eOBFgErQ8Tf3WoekG5m6782j85o3-HqIzzwLBwq6giJfvlXYaHyKi5h2_jL8knLvl8pZtwI8fcY0FHKg1IBV0VBy3flGkgh5NuWsr0FnM7mqrfrecaR6wuUaRu_0I8vyUKbGay-fckKSGV7AcleUOyYCustJ41NUKHoONvkj7apit5k-VnD1nZ8H8aeNhXoIDij1ANHfeRHLsObje8GUSPoT87c-Ba0VM_-rVSQk3IvZ_1t1HVXErCgLCZSIrGYKXbQVcWapF1vfcHbFqKlyHLDQPgahLnIogoZWeC6mv6SG0mkDDBfig_bWPRVDltuHNKIS61wR3IJys8lU3IyPzJ-voHeeJjeZe3dZgMCgv85FHOm6N7z7vu3ljaW7WLbfO8Dadu0E8hEQ9G9NmWc5RL2ccpV5XmKU22O3M3hr2YkCJUHu-Nh5K77FQ-6r6NPzxH_QXOCOIdXWlxThg5G-OU3yMoxE2ILMCH1zBJY6q03Yqaf2oo3F8r-YHelROpj2cJ0B1XDIyIYvfy1MNsST4ceyvcEEWjNNDWh-foROGgvw9E7_qi4wkdryiMWiKKJNtAcfgSTLyZhraSrb_ffdf6f8uCSGYKiN2cyUVH7TF2vRKd4RkiMJiXP8ZQhpjTUDdMJIIdS_gtlxdUydP02DhxwWHg4Mlr1N59Lsp7GEpmBhnXz6binWwURn8723CbQYSj8Ht-9Qi8Z1QeZ1eTnH-486tICxD67OPx42Hsz98NXXbSsRK3nDdnBXrCoPv9IigfQ3-InCixJSZW-A0PdU8gyk5utcKosModekiBcqzlao7jSPJs_o7NClXTbknBcMmwcovpmFHgJIetDwcKdSWwJvRaG0O1HjUhO1yMo1OnZP55zj5DPSNcJXFzVtSfd_eel4S73GMlTW_iAbRNjNTGMFa1oqiKRlGBiG47QEh8PiC_LPS4wh2SxOygYmEyhuwWvSzWYB2pWRq0UrqTFDBu5_c0SErd5Ad41O5LtFSP3x_5dzS1xuQKaT3ubcwA17RbuD4ReA_C9ewrtEON_YEsugB6CIcxYFk002Cxpxu94BsJPEeSlkhk5zyVahv6cwX7YT03TN-6NVpb7yflkRzNauq4c3dO1XnCXL5AMc9O9ybu7t4HW03jfRp08j3-m1RmUJn8I0HVYK178xwPcbvlbXECJ4XklhTYhMIMozpth7I2EVSldr89Pm-FH9aaKfa86akj88cZCFe5RUVurRwdfsEA8T8wl-5HbgL0_lchcSFqdIfcDg6F8bmUmSmn5p7NIdMjE6FqvXClABlMDILljKXDIr4Wh7ZVVabz2ROt2uXtqK0kKzrulZYlnH-cPfXV5A9fDW1nDkCHEDLnCCqWRwS4mH8l-H9SQB3K2xYZZphzTLsAQZe1LwBCPtcgAWpfPnahBl3pdR8LH8wXt76QF1OiAy2KWAY8mTUbVdExzTZT7lJfeICFYaiB8ZpT24r0QTtis_KAVL1WVdrlqg_JwntAZK-V3B5t9MFkm_ybXXngnIfHWNqLnFVM3cA848XewCysv3RYC7tqwthGYTrn6xtmdaDN1W-emHdHceBSsBAPVstGCc6qtX7E8QJaqP3IufwJCvEFGZiYO-hexb8TGz5X4aQV1Wx_TYHngmCrz8eUoUopMwiTa_QKERNKwVd6IuLIJs0S76T1VzzUWf1H4Bri1f-B9Dp94ujqF2eeym6VfvwQaGm4jsgPnp4GCMNGi5i57zh3rFpt5Zz8GI5Q5OwLRAXpURToOc8VvfmmUCh07Auacdhnel4k-eVfVFjZrcDi2yJvTehmFfg4LWNX1jCRDB9NxsqzwAgxf90mfcX4-7W9RpiIgZCzOtM2T9rfEYHzCy_K0-P9_3ksmy4BCb032jOz45C3fBfx1WOrh5nGTKI6e0bdlc42l8P2VhDzOt-J9_0YOoYwzfCiZPdRMqT-FrxtTmCDE3ZSVEIpOLk2HBhqRIL3BphUMwkfBApav_UvWXs69lZT5xFMzMw83xMT1f0FTbmAGOW3jwkdApakeFJdte2lDnIGrZKDXiEMfx7TdeIRVPbgaLhBJvD1flLV17JPRRGJZPX0pmR-3Crnd93F706S5BSuvh_6qIxu5viEGHnsJbJZZYujkGXsPIVfHRYnWfPcJGS4rt8NER-Z4xEJqMxJgJjHU_s9TOvP282hXGXF7PiMWfXhFnM7tDGiaq5vWaMgd7LA9QKhoOp5SfHLDDz4aSkLg5p5XExXv9Ivu1xcKvyCQyr2IGxoWMe2lER4eEEK_vYQlx-mFxt-O98W_iEBpFJ7-lXVmCwYeCMz3zTAdsV5N-A8IY5X-Z8DW7bErC-tsQijcr-yv0-2Iw&cid=CAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ds=l&xdt=1&iif=1&cor=7631771484594619000&adk=2857193499&idt=89&cac=0&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd0b4d3d4d051f94f33a8bd47fedd54ceed1066e0efb17fc0d3ebca003491310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13838
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame EB62 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: www.catolicoorante.com.br
URL: https://www.catolicoorante.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
86278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 22:18:05 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3113 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
25458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 15:11:45 GMT
node.php
node.setupad.com/node/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
gen_204
pagead2.googlesyndication.com/pagead/ Frame F355 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4310724938745&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F355 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4310724938745&version=m202309260101&ct=77&x=1&cor=1839541915241770000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F355 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1jDqBPaVcScsJCZkLMPgoFQ4_6Nonv0OKF7mOCPsTD5ysFAWt9zmPP6SGjUt3QE3a6CMRSn8JFXn7lLNhgMAQ3fFcapLOIqnEJl7JjSW49RubOWT2WOr_Zm0l9IWwKJdtd4_KD8DNi5vaWoURvwTuc4YU9LG84nmfach1UT-0paC_axg&cry=1&dbm_d=AKAmf-DeObnqylSik9xkAcLuVshyVxFq7R-uotUGHc2RtAtV72YuaqfwXD9u1Tlq6c6YFzOxJfxcLLEGJgK6WM52r0h_MR00gjx-KWCaFvLvGU7TPsTQKbIWEh6g4pqRBp8ziHPUDHaUn-6rHp5fQj9CwwN5ywRtpp-6H8Qc-3M5rF5fVlgmtpAPxemZn0EPgLd_5dP1RYGsa1Ec3qEUNTl_LGdAB_9d2s4-SyEd9DfcGFu-9GbcZtiZxpYfM9MvLhOp7HjJMLiy7pWIQwjmRhUBgDnnihTeieKoFRPyySXrWkPXW3-AIxPhx5-F-8hoLq_v-ywH1ubiN1Oi59dDX8osAZn0Aa85DRlgAyRIaQp0NUQDod1vnonuzQnZXwcNL83ZZNoIAmICmQvkrnDsqO5avVgBRVlG2YJL9twcQy4qOjTnqMbiDcTWp3zOUjD8HIyc5WyLpWaj_Hr17iuZ91YVbkMgxkOQIVNuqUB4qvBpUd5WwotzaWC_LvwxblrJvEFlNZ5v3KzXF5XNvbY6FFSt1kQzYO4j3zhJHHYoXVrPw6u5LPx007sCcEzZudG5q_nSvRi2uoWSdRgUhfcTkizRJ7EZzRo4xAcq2ILZd312eUWWbWqaV4z8dHfek9KYKTijTD3Ajpn8KHWMLgg1fA6hilNszkttqLnjgcpNPpdhuORRAaL3I0mC0UFqWzIWF9g0TVlrnIzCoeRNOM6_rIYOTViTp1bCZPjeTptj4a--eYWWrU-IOw6cvHK85rT_NN8p95DiD77zK1ZY8sVMqojNGuv8FotC2NEKsxGrblv57VcGwq-MpSiGCHNeFkZVKn_PmfOm9JXZ52c0LThRC4D06unkeEdQXIZFTvEliwmqQ3ZOy3R6KYrXkojRPP-LQ94fUahAWCYbVVxPjWQxN1mb6QDvBV0vFq6o6ig62CygEeQa0kY0x9C4cPOj9pwV6DDxqrszpqB_y3h0aABGcR_JU2PvmB4NfM5XytzLnct-nXiFnbIsJuHDhdhECqYfex7oEROWkmoD-e7IzBQ2pMFlJHxUbv-w9SRMog-sdEj8vqnZDS9ucgl5iAEsglA8XLzFID73HrYw-JnPLWalW994qExtMQYWZDuRtLrvkRmG54cDFZ74dI9ysQWfEYtajxx4akhI4i8Ti0oJJPPPw5L_-ppIe_CeH7iUX2OOambXPdyHGkZsAFR24zoe1_scqKiWq5Yvfq1CToppbS-zvgXpqNTrgPJkL34FBjU8FuaVVWx3IqYC0Rpb1QC1cv2Nh7hdFnSsAAI08agLOFJ1kk700HUAIcFrvRaBWnEV_-gwzvTnJBfXlqzXxlb8RwzCvA8DQ11TICjlwjziQ_bRUkMHgwIRxW5OsZlUZ3T9rcz7A-ThzYcfp9LOXVl3aotYujlzO0bHbs_DsyxBjCpgVVgRENdTYa0PJw1NgXqAN8xQ9x4ck8wjWPYz0cSAR8073VBBpjL-zS7RnOoToWkZyg52jVycLHIher-1Jo9Fcq5iQ6N41aEDYIq-fHbJhKRKPhoX9pbxPsLqFD-HoWtN_29p33aIqq21VcUKvyMQiZVqBqZoPpjwSLELod6vdsnW-NYC5sTvWlH9wuMGYSVk3LNJM4Zr2oZJkydweP_v81HPML2MkubQ72LnNHECtpsQdj8RZnZ9xx4SRaK7BG_Aoxtz1FthmpK2AJ7JTGfVVxE50AXCJHP_IOMesFWMvwx0N-9Cz7QQ2VhLBPnRZ3svf5v2dB8PZyOP2Gh_Vh8HNb8qRHWr7MehFVrJMwL_AbjFNOoT5PxZqSmfMRka624292T9WNenehp4JPU5Ldmzw2FOQAHtPCNajyJiN02gBzPPdcvpfm33zgMZpH-8_ZIor_Rb7FelyDp1xROS0Ru030PVxDZJyl4ko5DkO6-m2lvxSa6MeurxzoMdB3WmYY40ZolD8exzhtvZXJnc8eFwhA0VyA1xAMg2W7_35YomjakogYeShrUlplOvL00FgyvU0aSuiFiXouzIR1qKKVjbMFssLQ5Cr8-COQQT_WVtkv5Qha9Ve8lQvyQqd0Ru9BLg6b5BE3t5T6vBMA_0WD6uqxiDNmYZBlhwwSoo46BDj3TWk6VTtcri-45-8LMbQl2ZXVdSsHLy-p4zfc3WEUV5ipS3TH__vPIs1IEogrEhepKUuVIlyiZ96yinf1CQRUkD6nEd5s4uegTmCoCdUQTpi1mETYLwqi8rKj7Yaft-wYwe7DRGfxfLMs1QUPAgqwRb5PvkG6pc8J3na5Ia5JU85BUTW8xT0VXzB2cfxN9qWahewRMYnsoFTOzKGViobVDLRe3T6NPbka-bKi9RgJM40BHabeuA5lw06gJPIc1PrRIKfqgimLRrcr9IlKNLdB94uqA2w9jB9RjwUeiRAcVGc0--JxZwE9ZWsWKWOQvwT3Um8Q25RueiNGArgXS-5o26My8bOkUIbMskAKNGd20pBM-ODj33jzPwieI3oIWjGVxPyePrRliT19D09O3y2nP3ONDCdTTwoblJcqnDnzFYbQEkPDdqrxshpHDDZAL_5rdyfsfm4ZzT6Hni12pK6TWP6cFHKcva0Xo3qpZOELqDuC3HF4idTu5w4v6R3LXz54rBg627BLQn35t_o6TPaM50T_GlYHIZ9XJQMO5Tz-Dra_CZ7-qpvUmOcBqSiMCnjqNLRFOFyIZLyT-iaUllaOYDFTn83aHFAYbSfwu4wLGL-So4iC_ykIumMxNMogYSC48wv0p9FnZYdjfUCVFAQTbWgnV8XF3wXMzNHO7yjn0SF47X1_3VMj-w9exu-MldtbsiSd7hgDmXeZbF9u0qMI9qFGCqwEg756XBTogs1bjL-f4NEqG01bMI-1Osfgj2pzq3t5UARv56OSl_QhRrkKCU8tNTy-GrnoZST7QkJqNMU12nu3qiiiXz5xwdvgsUXm6WoBDPpUv5RFVm25kvYrF0HMvSmvFPmtRIItyjQWyU5S0npzdDU9R3jGmsA_uFi9Q9uESPXxSOqTAtV1N3v2muZ7sSoUFIqYNTkc5OzvFWKQK0sskzpPo0irA3Yfk63_3LKyapG6NIKIRV1JXSby6AGjjcPRyv16RZHvDIoVoF45rgCr45DZsMT5kG2KheN_HsnPAo_dNL-BBOz1qCQmQMjPw-NomDltihCLPKpzhFdZAbTrD_FRnuLSjcEKITLOu3qyvJurevsHORtLw9LMpBGYWGE1SljKgk6xEWa0pi-fv6VeKmH5O4BWaXZOGKsFoIJU1m-_FzmLeE3qJE0zfeETzss7_RtRbMlZvMx5tP7CcymC_Ak-uTmDX2mN7YmVrL7wryoh1dac5mSI8oaOmvYIHlqJuOCd_NFsxjbpP-C1XW80jLFdzpyT5lTb1eb2agrbwKVwH0Xnk9R5oC5KmH71URBximITBvRjNAOl-PZbXAmRh4Z3kekxhQHnTIB6enMce-Mrva3o0h8NqYN5z7r68vTGWWijfe2cQJ4M1o5VllyHh_mHCkQDiKtgXlQ_t0_-_rnJEq4RcktRTNU06TO1iCOEkIL5t12_0DsVDK6GBjh-_2iBqctF6NFDFVN5OtOuxOXGsNQRHFZbYiTaYBy92T2a19UQQvDVfRTkjl6e-lbmdzYNG_ZXa8s1UVW47mKen7sdmh9ntOjVveGIv7bonawCZEQA02ZMJSRbskWyWMzezunEPtOAHHGSVXgCSaGFvcaMtaAWOH0Ug7LUT0g5R86S_k53-3qY0jofa-JMANoewvRRRYIE9O0ZKTIxh3SVzICGW205QxH2XTmXQ1hleEtlzc4UWo_S6xgkxEnB_y2VdDtaEWgqrwC8R_wV0EJ6URU5wEjnGIyeN_02T26WwHC9h9z4FioGEauTIWyTRJqrLmh-2o7a5qH1WyURDySLD0Q5ABVCyW9Ex7c9w6XpNQA8DqdNjFWitNa3qES_Kn7WERntAQ1bfGMxOYRbJMDxsoCKANkiKu20gjdSDVTk6OqfMdyhKgBuLUDGsIMliwrCGpn0PbApgErQ4fqnvnV1g-Uvrn5OOwiPSNGVRbTw_78PE3CPkGw8VA-5Rj60l06C9eAmLNCBYS3Ls4YdwlQDTZnVkbvHN4AH18BRZSALQvGG7fqyvIjJsMEunJ7PUiUdDM-SlM06ScyABp-GINjjJ_FgCi91ip3XBlXTnmIGxmZGJCig8YCg&cid=CAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ds=l&xdt=1&iif=1&cor=1839541915241770000&adk=2086295848&idt=170&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80138f1d92fdbcbd98f16d1b8a98f71122b6462f17c9152a6889f797bbfd752e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13972
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3BB1 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADPM4Lih8B6qixL1dXfcV5LjFMY9hhCn6Pre7Xf7NPQLFatiT5YafuGeap3-ZjQY2Zna4wwULrrYkR6kg98CXsjFE9tw5NIunOfx4h2AkXkGNCU15yeZrWRYdL_KWSMAvBYhjzW5zGhRHUW5o9_SRa4dgBgCcxttmp9zgHKjelpYaouiM&cry=1&dbm_d=AKAmf-DJjW5pe79mffd3BKIbhw8s6f8eC-6B7nPC_ynO0N6tgbJmSTWkSzvYzvtaymaiIU-z0BNRNxl2DQLgjIfrCnKrNY5R0aKdl6DHYQd2RaZ9e8ZRd0s-Gff86Pw3LpHdZHlUeaRrb2_QxFBHIY-M0Yy6FKvHMa_Pul9ALNlTA-tIV3ewjBmQg8tp_BbdWTqj4fiCVeUafMI9Wh_8VgGploUwlxxgNwEZNasmqsaFnshRlCXx3sC8ZMc7VUmNSLncKDqZYbTjeQOeQMMmmhWnvKYhyB5FWhhcK10uky-mJjjiULzHbc8Ya-dRYnvNxbN7-h9-dXFZHd0diGoUEfV8R2_Iiw4vr4MWc2YG45s7gD7yL1kREIC7TzKn-DqhFnriibSmTyUQoS_fk2byOROOfuc7Bmrd2KYwCwJJM_kaeYXJAam9VIcaobrGhLxQWYk-xB8DhTfEgyDy-VWbC87aDKv9clDK7cMO6vNlkRl7YcpQpPkJuraQxy3VyXGx__YWYaEqnFDcIx6WhpfHtl1jszeSi2UOvfm8rQ3Y5uKV8Z0GDTFO2V90ls1X3vmHJlKXXHWvL76QErOGvpdOGeQioslcY4_d5aUvBe3AjAZ7Kp2wI4iqM_TGzGnKWAAkfjfwdCS4JZSEbv5nqFX7FNsTV94YAAjB0Ecn8XRncbJkwdhmr4pE0xuJ0mHA5nLXxLgDyj14jwROm8-pcT2L9oDpHmdBdX-da1upzHqRliu6PmamdM5-vsh6Egy13lAcuEIYqOKXjSpir0pt3Hya-eZ7Tr8c-lQktO8gaEKo5gNnpVtJWmGGeX-vL2Q0nIEiAD6Bz7r4xxV-tdEFlzwkUiD3sK3jHO3ZQTj4VxTvmh8-CZAeTkWcmcQow85iev4fGiPtW-OKv5kLLRUaP_drN1225_Qzqv4AMaC_HjgJ7b_vkr5y6Sp9T0X0d-WE66Fusv3L0cCY74KtbquPQn4PJkItsZjYcI6_xzYulx61tq2ity-FUulRuReA5hZ3lXKU8pbjVBltve2LcU0SaG0N-DzXJeGmi7C3i1uG7u80WrqnvKcDC5TNidQQuneJI8aoJC6kk2Hljbn5m4UTo9ZgcoArFXE9y52-QpN04SF_GNhvgkgSM61yxkMD4D6BIcm2N2fvMJqsOHZhhusPBSwG8f8w4Ohj8E2qmhy56JE_qUkECrNh-r2oUzlAI25OtOnx1kBSQWfzCcN22lobrbgGvHQ5jnM8x1C2b_8Ne3pvxkg5i7rukzW3q_O5JDS_hGf0yEfuf9-NLIJz2zCmPnhvadHMZWS1TnK7vcii3YNlPSoNau2jvx1UY5HuBpXwtmdoUBSN5BrIRvsUz0aa5LFMex_O3Y77m1VLhqDsVUuCitPEJKhJbLlEbbKI5CGtQAMGZPzoBpKi3m0p0T_Szqb7T4foaTKLTl2eA0-w-aHBTiGslasf5wCelBo4P8PJdvMGvcE5sONTJicPatghptw6-AJUO3lPwuR8AQHeKOeqe8tIpb4MybdosyeerOokO2Gw4MPrGNz9R-WUsLweRkAbiHc8w8gVqtn3zNvFHOj06C_y6d3mNeWmObDukzps851fPdJymfzvOotHWxSyY4ShPWG2quKsg_1BpWydMRbcDwTh1xwte3nxLj-UEKUiW6mh6kIasnZUvDuDkfwINlaF2gN7cmJ2ZpuKIY2eTorJD-h2cytvxgbwBoVlocnJndZ-MIzyBWRe76kgam-DrcsJlqMU00Xju3do5Mhb9Nh9MZMJaxqXD0gWT9F2o1vaKhyYC5EYSm6Y11GSAh17lwWu7l9Z92J-FhN6Gpamhq5WSX5CmBviu9eOBFgErQ8Tf3WoekG5m6782j85o3-HqIzzwLBwq6giJfvlXYaHyKi5h2_jL8knLvl8pZtwI8fcY0FHKg1IBV0VBy3flGkgh5NuWsr0FnM7mqrfrecaR6wuUaRu_0I8vyUKbGay-fckKSGV7AcleUOyYCustJ41NUKHoONvkj7apit5k-VnD1nZ8H8aeNhXoIDij1ANHfeRHLsObje8GUSPoT87c-Ba0VM_-rVSQk3IvZ_1t1HVXErCgLCZSIrGYKXbQVcWapF1vfcHbFqKlyHLDQPgahLnIogoZWeC6mv6SG0mkDDBfig_bWPRVDltuHNKIS61wR3IJys8lU3IyPzJ-voHeeJjeZe3dZgMCgv85FHOm6N7z7vu3ljaW7WLbfO8Dadu0E8hEQ9G9NmWc5RL2ccpV5XmKU22O3M3hr2YkCJUHu-Nh5K77FQ-6r6NPzxH_QXOCOIdXWlxThg5G-OU3yMoxE2ILMCH1zBJY6q03Yqaf2oo3F8r-YHelROpj2cJ0B1XDIyIYvfy1MNsST4ceyvcEEWjNNDWh-foROGgvw9E7_qi4wkdryiMWiKKJNtAcfgSTLyZhraSrb_ffdf6f8uCSGYKiN2cyUVH7TF2vRKd4RkiMJiXP8ZQhpjTUDdMJIIdS_gtlxdUydP02DhxwWHg4Mlr1N59Lsp7GEpmBhnXz6binWwURn8723CbQYSj8Ht-9Qi8Z1QeZ1eTnH-486tICxD67OPx42Hsz98NXXbSsRK3nDdnBXrCoPv9IigfQ3-InCixJSZW-A0PdU8gyk5utcKosModekiBcqzlao7jSPJs_o7NClXTbknBcMmwcovpmFHgJIetDwcKdSWwJvRaG0O1HjUhO1yMo1OnZP55zj5DPSNcJXFzVtSfd_eel4S73GMlTW_iAbRNjNTGMFa1oqiKRlGBiG47QEh8PiC_LPS4wh2SxOygYmEyhuwWvSzWYB2pWRq0UrqTFDBu5_c0SErd5Ad41O5LtFSP3x_5dzS1xuQKaT3ubcwA17RbuD4ReA_C9ewrtEON_YEsugB6CIcxYFk002Cxpxu94BsJPEeSlkhk5zyVahv6cwX7YT03TN-6NVpb7yflkRzNauq4c3dO1XnCXL5AMc9O9ybu7t4HW03jfRp08j3-m1RmUJn8I0HVYK178xwPcbvlbXECJ4XklhTYhMIMozpth7I2EVSldr89Pm-FH9aaKfa86akj88cZCFe5RUVurRwdfsEA8T8wl-5HbgL0_lchcSFqdIfcDg6F8bmUmSmn5p7NIdMjE6FqvXClABlMDILljKXDIr4Wh7ZVVabz2ROt2uXtqK0kKzrulZYlnH-cPfXV5A9fDW1nDkCHEDLnCCqWRwS4mH8l-H9SQB3K2xYZZphzTLsAQZe1LwBCPtcgAWpfPnahBl3pdR8LH8wXt76QF1OiAy2KWAY8mTUbVdExzTZT7lJfeICFYaiB8ZpT24r0QTtis_KAVL1WVdrlqg_JwntAZK-V3B5t9MFkm_ybXXngnIfHWNqLnFVM3cA848XewCysv3RYC7tqwthGYTrn6xtmdaDN1W-emHdHceBSsBAPVstGCc6qtX7E8QJaqP3IufwJCvEFGZiYO-hexb8TGz5X4aQV1Wx_TYHngmCrz8eUoUopMwiTa_QKERNKwVd6IuLIJs0S76T1VzzUWf1H4Bri1f-B9Dp94ujqF2eeym6VfvwQaGm4jsgPnp4GCMNGi5i57zh3rFpt5Zz8GI5Q5OwLRAXpURToOc8VvfmmUCh07Auacdhnel4k-eVfVFjZrcDi2yJvTehmFfg4LWNX1jCRDB9NxsqzwAgxf90mfcX4-7W9RpiIgZCzOtM2T9rfEYHzCy_K0-P9_3ksmy4BCb032jOz45C3fBfx1WOrh5nGTKI6e0bdlc42l8P2VhDzOt-J9_0YOoYwzfCiZPdRMqT-FrxtTmCDE3ZSVEIpOLk2HBhqRIL3BphUMwkfBApav_UvWXs69lZT5xFMzMw83xMT1f0FTbmAGOW3jwkdApakeFJdte2lDnIGrZKDXiEMfx7TdeIRVPbgaLhBJvD1flLV17JPRRGJZPX0pmR-3Crnd93F706S5BSuvh_6qIxu5viEGHnsJbJZZYujkGXsPIVfHRYnWfPcJGS4rt8NER-Z4xEJqMxJgJjHU_s9TOvP282hXGXF7PiMWfXhFnM7tDGiaq5vWaMgd7LA9QKhoOp5SfHLDDz4aSkLg5p5XExXv9Ivu1xcKvyCQyr2IGxoWMe2lER4eEEK_vYQlx-mFxt-O98W_iEBpFJ7-lXVmCwYeCMz3zTAdsV5N-A8IY5X-Z8DW7bErC-tsQijcr-yv0-2Iw&cid=CAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ds=l&xdt=1&iif=1&cor=7631771484594619000&adk=2857193499&idt=89&cac=0&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
280721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 16:17:22 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTgxNDU2MzkzMjIwNQogIHNlcnZlcl9pcDogMTgyMzU0MTMxCiAgcHJvY2Vzc19pZDogMTQ3NzM0OTg5MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 3BB1 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTgxNDU2MzkzMjIwNQogIHNlcnZlcl9pcDogMTgyMzU0MTMxCiAgcHJvY2Vzc19pZDogMTQ3NzM0OTg5MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMTA3NTc4NjA2NTIyMDU5MTczOQpkZWJ1Z19rZXk6IDExOTY3NTA1ODI5OTQ4NTUzMzc1CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wNSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMjU5NzQxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTIzMjAKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x67c171d8ba4de45f0000000000000000","13":"0xb668e6866b4772090000000000000000","14":"0xd33526cf05b9123c0000000000000000","15":"0xff96e38e0e3df10a0000000000000000"},"debug_key":"11967505829948553375","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"11075786065220591739"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wmoiqux43uzw
hal9000.redintelligence.net/zone/ Frame 3BB1 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1701814562470334&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG-JiIqFvZb7aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0CiNgOJc2ZIP_jvMwDEdrVrgFkOxRkueoRd2Z7y3BZXfcVfHM5oqlT7cfebVMGzVbFZcZ5Ut3H4RVJj7_sfcr6BNdEU-PQP1KdV6wwmrWLAlHbTosB25yHb7y5nlgzw0zEEeIwVCW0WjEA8mp03SX-_d5QNFjeuJGv7t0xzpOmaQwfIAbnO2l70OVGev2KYIQUDZ7q3ZgaSYTdlqdtr52c_6mXVpUKvnuWiU-1GGfYDC1YzfsxDDwm0eEqD9DRvuKsLzv2I7OW0EwJbn_JLpdf0MlbJ0kWTWj5KM1jl5hoa9gqe63k1Ph87eLij4Ic7NfwWw7-f3D89Dsk05LRJfBOaiR45lRuddxzq1CG2T8LNHOjSvaSWjFOFchFj3PcizZzgPXRjWhDHjH5pqFrLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuIrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_1qt3uT9FCVo8_yJ56ZBDoK0hdR8g%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BSNzIeh9Xa3O10MLHXEKjp42Ut-yCL-_L6IPoT9hMxSKEbonlfcmoMQ9uVaRKB1rTexLhzcqz0G-2Kd0qSudLVrui5SA4hlDPZVvwM0iS9XUwSBFzktVDhwpgIX612Wlu1jxqLEE1VIXr-Qe6gqjr96u3F9nxGjfKGfADfpUbBS7JoAhs%26cry%3D1%26dbm_d%3DAKAmf-A_EXTZ3sHUCt8YS2dZDaafohTW4w-WtnmTrEYCtwtKkNhXevQs820EBto0sqc0VsCLWUMRR7oeSp1hK5HhYj7_dUsKtlQa5kvgc6onrHZbBl3FROIWXgnnWqcQx1KH0Fq1xplYch68JSW6En5L9QZuhl8Wxwq9zJrLigwYqOXuWEdWqiHn6NyqpNaNiE9BbpZYBjwiQKWi4vNFrPo-0EmWXP8SkoiS-n-pYu1HI9YSij0G608cDFl6m3fJpA3s74zlHKXi4QgwInuaAAQsDWdOCCvYLQ3yd4Baz_dM4XHXpg1E4Csu8SGphFPT-OFbdX-ONZ5hjPFLaocaLhALgv9r9BTpuHmcTCLpR8vGdkTMc3L8BUoQ72a5OuWOp5RdgWIJQW1f0SmjiCd3RbDZy8GqInyCLy7mebzMk8Nh0fHn5x9TN7qYa8bWCZfgEyw400DAv0uUxPYhVMowhMtbil-LjBdGEW17S9Y4m0DkiLI-US_ZQ3QUgxo-zXZGzTDyd-xQUMvyqYIUUM1KVdbgsm8LIoTBbXv8C_iJCZnySaKxiHBOjIM-iXBjFEF3fyXnz4Bimktq%26adurl%3D
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
c4e08ed2fcf2572bf0d6085601e132c547331d03b3521c2243cbb3e7ed08c079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4286
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4264 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122979
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 12:06:25 GMT
expires
Tue, 03 Dec 2024 12:06:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 12D0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3380018451903&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 12D0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3380018451903&version=m202309260101&ct=77&x=1&cor=6990165532659251000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 12D0 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdhQz3HyH1ILw7pKhYZngguFiUjegSP4ddI07Jtabm2xGMjtO6W5oYi3iVySuTeHBrnGAJIEBJ63Zaqx-2zc_3yfVPRuISRgYkQz-i1fbUKL0ioHtC-kryI4VsWqcDVpZsp8XFsE_n-Qj1n9W0dAa70rboIJIC3vxxjJ0rXdahi5jmfhc&cry=1&dbm_d=AKAmf-C5r48iT-mhXJHAt2-Tk45AusWrwVf8tINI2Bo6UwbGXp6MF4JMTR6hKE5kbe5AsxLQbZ_idhV2zZM_yxRgerGyrbVf3K2TAcn6LzKL2LTHxT_RrHx2U_hXVRUPzLkAQtbkdGrjr76pQhOiI_A98WYfEzgcALQqrqh-nQOxQjPfsSWsPIsCcuGm2idz9Pp3yq4MbNnzHH-5bNVO9c97IMHqSWy_L27ik5aM9dQrk2L6AnbuAHKtPg6MpKx3a-NkpQGMn4FtmCj4NOacIUo1_UlKex0ImTlGOn3heiBzMaprAzNtOl1q4EESxLusLpz7PIcQBOfSA3iFNoM1N1N-Y-DspwRiBJA_D-kBEU_4O8EvyIhRny6NgOqg84Nbx7DGyr7VXwfnMxPZq2wVUgI1riSclYLe-MBRTopHsq_am_k8hIey_v0h4jnFIFd8hg-oiGqpeY97f9ObP-5G_R-2mnhJJg7ESTrss8g7HIG-k1oKCtgw0OPZoVVj0lrBWoZSKkVETaxagYegFQZM9FpbjXt6bTPN4H43HvTaLPNi1sJWIfI7b28M1ZezTc_0eDqdDz2ux7doLL36qbKmKfYS1G9C5ux8yw3sJAEM9hs_QRKYHI60bLTmZKvRt_sAOGov9bXTkFxADFAiHEuGiX4jJb3dsK_Rdzmebn6oMetlerD5NEZQcBaa5x5s6lP1FM4LT7lNVhkImrt4L_By8iNkmmoGfNgHrqICC4cyHhouxTfqjvkZcXQZ5CgJfM3NNiGhIkZZgjCFne71IIPt4kYriiciWgmV_7kNG70prQCgd5h0BcvItSDT9sWs7nQXw0yXh1813MxAt0CPEAQmS1IucVlgM0-R1PokjgaKEgMWUKsCT-caSyyTMqusj9Cloj6rsRzMNrcZnwj3Dml7c0JDFEx2fv0S3NIzTkd1P5mLPIuvUaVfS3_ZWnlH-JGbWt3nrp45hoaNgnQ9WDENNn0PNG9pELTSnm_VGkfE5RtQ4pY-uP1sgx38iD-kGRAB6AmtIEd-z7LWaavAtEZGnNgp9tnKF0whTM0V0hocUEMc040fO2slRndt0iPU0ZreIIiffZaAt-VQfxcQ9PfYM94II-ukB5KDqunt23xGBXXXjpZBx1D3H9Wa3vXW7xURkCiP6ayz19bEtsS0PjTChwUw_9bL2JDTam4hqyfgJZb0GJMhWEH0BSx6-k6QotSOJUzYNXhZtMhD9UaJ5aibMo2pX0ZUOcTgeoOSqK_58boNJm6mVCLpA27H2I1Ey8qXl-8n6ZQeERcfyZL-AernrxpO5jyPcs0bBv_QeBOxGZT-Fvf9Rrh14BXaFRjZkCatc82qL-j2UZ_hZxKqSVihMojh-uyNG0s0UEGM58oSuNs-25AImV67bHX09ze7yqjFB2ZPs-kxtJWPVKKl84a5z5dHoPCJ-UVS3jz3rm9ebNIYK9hpEMevF9ROoHCr9IlER0lYxIgb2OxMnv_Rrdv4Yac9bH5W90iTTHIFIFGAM6VnC7KMlIgkvaHTREGvQfr7_cZRZm1LgkIhduepC8eXuL3qCifA0j5Ly4-KsHdFHjTjb8v4EpXwPbUOF8THstk_4CUtUP7OxGxpoQpQSr-6K38OoZH32vlq-Rc9sbrZRN6s05YlJqi1SNVRdyQ82A8i3_GaSyyvnmMi3vLyaDpel8jspifZKPs92i4CgwkCPxA3aX9aVDmoY9x-vqNHV7oQWv4CWWbxnBdQpsDNXhqJV8SQRPbJvVOkBX2wRRYkri0v73xg8o8vLrmmJIm08W-7NnT8mEPmNIQNH5eIdM5TIm4G0Fl1-Xly-XiilcV6oiWpo9rCA-cdzVovctP_NQkUmmALNiorNRK1PZW318NhBmiqi_F3VbmcfRPcHtxoAcz0nB9bJBI-NHozF6GPhL7bAA6h1iW8b5OPERgxgy1iTcPfmbPVMRj47C9w7B-zkBBIbz1FOhUxn6hLf2uQrdmvCLSLPDI4APMvnonIwXF_2DO8PKSAelx2tsv55pFAXOqwucjK3sfG7TaBByqCmAFj9yJj2cWnWPn5a9gLpzpYzB5HZgdbqL6-QzD_ijp_kmww-7ieFxEY7FFy11LkMCuqqKSSwkZuieEnjO7PCC3qigSfDQqAI4HI4WzeUx40RVoZe4tK99TyH4__p2QJY3Hxul6MBbiaRJ83vFpAQWCQCDPUjVsNVVcvNKY5KLabAqwsdxSsyLButLQgSuuTBD8pSzsxA_YC-NTRdw9RTbvQw8azD0IYE7JltHjR7IDRyn4wjf0pO5qPzF1oeExXpYao77vDinU-Gw7JHtFzagW1rmFd9ZF1QZu0mM_Zt8uw5ySpiHzug6yO2cg9m6NVr5D3uY_IiHVPDGPkR-CeDKeD2g0PnagpTXkXMXVirzUyHmDf3a-V3nnZWeKD3j8_ylz9Ma3bEmLM0ldTsnPnka4o-qrhjQWiKEBuYKjgstwFdM-KsXELya8oPqUvE8G_V5l8_vbqOczGYHtq83j7z5kgTyY2Tc7UEuJGK7TfnloYywTMwFQE3yzcfj2GjDDVZHvk067jOX11UJlPhbb-OOR2-t_tLmYDKSM7ZznCFA7ZI2PLAkWcrv25Txe6BmXi6xAD2baoVJPOQB_OSvxjRNhpXI_WTa1bCdsp7SNT8vTv9JcY7OPA8wzLb6Ik3P24yP8PSf9iAqoQ7UYMFXGLYqNQfsJ6OOMU7p12H_RwbGhhfg5eTvUDXh6IOwkj26s87m-QhW45jYoGvv3AjGRESswELIhCXWz3XPED1GpzRzZLYFg-ULssCU60Wn5NJvoSDZ3eB3axcWapQuLDTbZYVMtewumRvgXGKiggbY-EN3LPVImTKaBDjZiiBft91OqXFxN8xTXcduP6UI1sTmbtBKj_vrwZm817CCgucidOGXh7v4kFUpTQ3Z3-rhZ90tBWSg4EHFXmV2NCpvy-4L6v4u9HUSyu2_hbRP3DAAVu7U_qhKvP181k6H7HZUiLJArB_Ipe_gXylGoshrNymCYfGaDF1pJ7kxRUmfwu2YLKH1yTDCAuC6oaCsodhOAmjtRN9xRBxruX-LzAP1m7seogo6AqzN-O5m_LJ0dcf2AF28-8DRJKT8NAcoZJJ61NR-IWAbWn68jfetRBK_O1owyNNvPU9Ok4QrhzvCtlR-LjtuOg7Es2JaKCpH9xL-Xd-yRk_qPN0MOGfv5AZY9ejwVUN-c3QftqDQ9cPvK4McI_SO2v9NgxXHPEhx981Xyzv7BS-MmJHBVU6SeB-StofQDHWlEIu9V83lpUDW2kfaWgPk-ZadKDWChDXXMQTrXQ8onNWrMWrY4A_pJ5u_G5aVTxN-WJlJtpXWoGTJCmfNcymT6KtDEqnK5y5WmpR_Cr-QaPDjP2p9EivO9kZEm4mrRumaaGVs039U2ldMvHSTrEutxQcZeTII0n48EbXWHYTNpkHY9zMHqULiUMjGRRQpgtG4KPV0e0u0O9BGF-9gu-kGD_vtwdMpHTE6hO_HxTMPXy0jLfzgwbiLMzWp_CdK7kWdRXQUWQJvpuJQVnLXcbtAo5ik8DXSRdZI3BT8-HU6m5dhcLDwhoU7jLxuUFjpgrk69AXS0m1QCLtfoGebv0ip_QdExHIGAzrcqC0yy-RWbSz5ziyOMnHowYmeUxsSgv39TMF8J9mT0D8Rd5yjnY6wppHPqwpwVbxuv0CAgegcVLRPtx9Em1k9PUNZW_JOod6iJxvcm8apxfhKJwTcI5b2Z7Hkh57LhyyfQ1MlC2QRWuS-4s3gCMQqtdp5Ptp2PDKQYWy37NFPnikJHYHLR95sRVcuEW2N1UMx7i4qNxo6PFfQqnG5zyoEGTndunxBXFv5btWqkmLeN6Dyn1UhXoyfUWoTwZHsrn4wLZi-LffAPkgYwU4sKrUtZGILO91XHJ3DfSmEmUXIWmPqQ4JQ_MzvE21rvthy6L98_NhCWpnbp_u2usBPPPeVhDk73-A1S71ZS4xuWi7IU0PbkLES9FREgFN4x4ptPTuaTZf8kHR_1qnHO4RSj-MI5HPjWrheG7y5DWh14FHmDd5UbjCWy3MoAbtNRPXKGDWFxyxiRjf8Pwb81o280Mo3uVgMcTLO6aPfN7Tb6UrRXPsVqwBVTVt1DO2heFN2PJU4Zoke5fJn487gNayMFzv-Jw-MlhHURBiYYoF5G-K87MR0sVww&cid=CAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ds=l&xdt=1&iif=1&cor=6990165532659251000&adk=3944675603&idt=216&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfbae21e5eb164e33321ed1ae74d223ea0668e98601d9fff68674d07019da643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13752
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 5EBE 		0
0
player
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=104541&tid=8599&v=20&cb=1701814564019&t_dsp_request=495&t_player_start=1910&t_page_load=4119
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
csi
csi.gstatic.com/ Frame 5EBE 		0
0
dsp
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=104541&tids=30383&v=20&cb=1701814564027&t_player_start=1918&t_page_load=4128
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
bridge3.607.0_en.html
imasdk.googleapis.com/js/core/ Frame C7B5 		751 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
102053
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246373
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:55:11 GMT
expires
Tue, 03 Dec 2024 17:55:11 GMT
last-modified
Mon, 04 Dec 2023 15:54:30 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1C21 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Dec 2023 22:35:04 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4264 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
25459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 15:11:45 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F355 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1jDqBPaVcScsJCZkLMPgoFQ4_6Nonv0OKF7mOCPsTD5ysFAWt9zmPP6SGjUt3QE3a6CMRSn8JFXn7lLNhgMAQ3fFcapLOIqnEJl7JjSW49RubOWT2WOr_Zm0l9IWwKJdtd4_KD8DNi5vaWoURvwTuc4YU9LG84nmfach1UT-0paC_axg&cry=1&dbm_d=AKAmf-DeObnqylSik9xkAcLuVshyVxFq7R-uotUGHc2RtAtV72YuaqfwXD9u1Tlq6c6YFzOxJfxcLLEGJgK6WM52r0h_MR00gjx-KWCaFvLvGU7TPsTQKbIWEh6g4pqRBp8ziHPUDHaUn-6rHp5fQj9CwwN5ywRtpp-6H8Qc-3M5rF5fVlgmtpAPxemZn0EPgLd_5dP1RYGsa1Ec3qEUNTl_LGdAB_9d2s4-SyEd9DfcGFu-9GbcZtiZxpYfM9MvLhOp7HjJMLiy7pWIQwjmRhUBgDnnihTeieKoFRPyySXrWkPXW3-AIxPhx5-F-8hoLq_v-ywH1ubiN1Oi59dDX8osAZn0Aa85DRlgAyRIaQp0NUQDod1vnonuzQnZXwcNL83ZZNoIAmICmQvkrnDsqO5avVgBRVlG2YJL9twcQy4qOjTnqMbiDcTWp3zOUjD8HIyc5WyLpWaj_Hr17iuZ91YVbkMgxkOQIVNuqUB4qvBpUd5WwotzaWC_LvwxblrJvEFlNZ5v3KzXF5XNvbY6FFSt1kQzYO4j3zhJHHYoXVrPw6u5LPx007sCcEzZudG5q_nSvRi2uoWSdRgUhfcTkizRJ7EZzRo4xAcq2ILZd312eUWWbWqaV4z8dHfek9KYKTijTD3Ajpn8KHWMLgg1fA6hilNszkttqLnjgcpNPpdhuORRAaL3I0mC0UFqWzIWF9g0TVlrnIzCoeRNOM6_rIYOTViTp1bCZPjeTptj4a--eYWWrU-IOw6cvHK85rT_NN8p95DiD77zK1ZY8sVMqojNGuv8FotC2NEKsxGrblv57VcGwq-MpSiGCHNeFkZVKn_PmfOm9JXZ52c0LThRC4D06unkeEdQXIZFTvEliwmqQ3ZOy3R6KYrXkojRPP-LQ94fUahAWCYbVVxPjWQxN1mb6QDvBV0vFq6o6ig62CygEeQa0kY0x9C4cPOj9pwV6DDxqrszpqB_y3h0aABGcR_JU2PvmB4NfM5XytzLnct-nXiFnbIsJuHDhdhECqYfex7oEROWkmoD-e7IzBQ2pMFlJHxUbv-w9SRMog-sdEj8vqnZDS9ucgl5iAEsglA8XLzFID73HrYw-JnPLWalW994qExtMQYWZDuRtLrvkRmG54cDFZ74dI9ysQWfEYtajxx4akhI4i8Ti0oJJPPPw5L_-ppIe_CeH7iUX2OOambXPdyHGkZsAFR24zoe1_scqKiWq5Yvfq1CToppbS-zvgXpqNTrgPJkL34FBjU8FuaVVWx3IqYC0Rpb1QC1cv2Nh7hdFnSsAAI08agLOFJ1kk700HUAIcFrvRaBWnEV_-gwzvTnJBfXlqzXxlb8RwzCvA8DQ11TICjlwjziQ_bRUkMHgwIRxW5OsZlUZ3T9rcz7A-ThzYcfp9LOXVl3aotYujlzO0bHbs_DsyxBjCpgVVgRENdTYa0PJw1NgXqAN8xQ9x4ck8wjWPYz0cSAR8073VBBpjL-zS7RnOoToWkZyg52jVycLHIher-1Jo9Fcq5iQ6N41aEDYIq-fHbJhKRKPhoX9pbxPsLqFD-HoWtN_29p33aIqq21VcUKvyMQiZVqBqZoPpjwSLELod6vdsnW-NYC5sTvWlH9wuMGYSVk3LNJM4Zr2oZJkydweP_v81HPML2MkubQ72LnNHECtpsQdj8RZnZ9xx4SRaK7BG_Aoxtz1FthmpK2AJ7JTGfVVxE50AXCJHP_IOMesFWMvwx0N-9Cz7QQ2VhLBPnRZ3svf5v2dB8PZyOP2Gh_Vh8HNb8qRHWr7MehFVrJMwL_AbjFNOoT5PxZqSmfMRka624292T9WNenehp4JPU5Ldmzw2FOQAHtPCNajyJiN02gBzPPdcvpfm33zgMZpH-8_ZIor_Rb7FelyDp1xROS0Ru030PVxDZJyl4ko5DkO6-m2lvxSa6MeurxzoMdB3WmYY40ZolD8exzhtvZXJnc8eFwhA0VyA1xAMg2W7_35YomjakogYeShrUlplOvL00FgyvU0aSuiFiXouzIR1qKKVjbMFssLQ5Cr8-COQQT_WVtkv5Qha9Ve8lQvyQqd0Ru9BLg6b5BE3t5T6vBMA_0WD6uqxiDNmYZBlhwwSoo46BDj3TWk6VTtcri-45-8LMbQl2ZXVdSsHLy-p4zfc3WEUV5ipS3TH__vPIs1IEogrEhepKUuVIlyiZ96yinf1CQRUkD6nEd5s4uegTmCoCdUQTpi1mETYLwqi8rKj7Yaft-wYwe7DRGfxfLMs1QUPAgqwRb5PvkG6pc8J3na5Ia5JU85BUTW8xT0VXzB2cfxN9qWahewRMYnsoFTOzKGViobVDLRe3T6NPbka-bKi9RgJM40BHabeuA5lw06gJPIc1PrRIKfqgimLRrcr9IlKNLdB94uqA2w9jB9RjwUeiRAcVGc0--JxZwE9ZWsWKWOQvwT3Um8Q25RueiNGArgXS-5o26My8bOkUIbMskAKNGd20pBM-ODj33jzPwieI3oIWjGVxPyePrRliT19D09O3y2nP3ONDCdTTwoblJcqnDnzFYbQEkPDdqrxshpHDDZAL_5rdyfsfm4ZzT6Hni12pK6TWP6cFHKcva0Xo3qpZOELqDuC3HF4idTu5w4v6R3LXz54rBg627BLQn35t_o6TPaM50T_GlYHIZ9XJQMO5Tz-Dra_CZ7-qpvUmOcBqSiMCnjqNLRFOFyIZLyT-iaUllaOYDFTn83aHFAYbSfwu4wLGL-So4iC_ykIumMxNMogYSC48wv0p9FnZYdjfUCVFAQTbWgnV8XF3wXMzNHO7yjn0SF47X1_3VMj-w9exu-MldtbsiSd7hgDmXeZbF9u0qMI9qFGCqwEg756XBTogs1bjL-f4NEqG01bMI-1Osfgj2pzq3t5UARv56OSl_QhRrkKCU8tNTy-GrnoZST7QkJqNMU12nu3qiiiXz5xwdvgsUXm6WoBDPpUv5RFVm25kvYrF0HMvSmvFPmtRIItyjQWyU5S0npzdDU9R3jGmsA_uFi9Q9uESPXxSOqTAtV1N3v2muZ7sSoUFIqYNTkc5OzvFWKQK0sskzpPo0irA3Yfk63_3LKyapG6NIKIRV1JXSby6AGjjcPRyv16RZHvDIoVoF45rgCr45DZsMT5kG2KheN_HsnPAo_dNL-BBOz1qCQmQMjPw-NomDltihCLPKpzhFdZAbTrD_FRnuLSjcEKITLOu3qyvJurevsHORtLw9LMpBGYWGE1SljKgk6xEWa0pi-fv6VeKmH5O4BWaXZOGKsFoIJU1m-_FzmLeE3qJE0zfeETzss7_RtRbMlZvMx5tP7CcymC_Ak-uTmDX2mN7YmVrL7wryoh1dac5mSI8oaOmvYIHlqJuOCd_NFsxjbpP-C1XW80jLFdzpyT5lTb1eb2agrbwKVwH0Xnk9R5oC5KmH71URBximITBvRjNAOl-PZbXAmRh4Z3kekxhQHnTIB6enMce-Mrva3o0h8NqYN5z7r68vTGWWijfe2cQJ4M1o5VllyHh_mHCkQDiKtgXlQ_t0_-_rnJEq4RcktRTNU06TO1iCOEkIL5t12_0DsVDK6GBjh-_2iBqctF6NFDFVN5OtOuxOXGsNQRHFZbYiTaYBy92T2a19UQQvDVfRTkjl6e-lbmdzYNG_ZXa8s1UVW47mKen7sdmh9ntOjVveGIv7bonawCZEQA02ZMJSRbskWyWMzezunEPtOAHHGSVXgCSaGFvcaMtaAWOH0Ug7LUT0g5R86S_k53-3qY0jofa-JMANoewvRRRYIE9O0ZKTIxh3SVzICGW205QxH2XTmXQ1hleEtlzc4UWo_S6xgkxEnB_y2VdDtaEWgqrwC8R_wV0EJ6URU5wEjnGIyeN_02T26WwHC9h9z4FioGEauTIWyTRJqrLmh-2o7a5qH1WyURDySLD0Q5ABVCyW9Ex7c9w6XpNQA8DqdNjFWitNa3qES_Kn7WERntAQ1bfGMxOYRbJMDxsoCKANkiKu20gjdSDVTk6OqfMdyhKgBuLUDGsIMliwrCGpn0PbApgErQ4fqnvnV1g-Uvrn5OOwiPSNGVRbTw_78PE3CPkGw8VA-5Rj60l06C9eAmLNCBYS3Ls4YdwlQDTZnVkbvHN4AH18BRZSALQvGG7fqyvIjJsMEunJ7PUiUdDM-SlM06ScyABp-GINjjJ_FgCi91ip3XBlXTnmIGxmZGJCig8YCg&cid=CAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ds=l&xdt=1&iif=1&cor=1839541915241770000&adk=2086295848&idt=170&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
280722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 16:17:22 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTgxNDU2NDAwMjM2MAogIHNlcnZlcl9pcDogMTI2MDYxOTM4CiAgcHJvY2Vzc19pZDogOTczNzg1ODA2Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame F355 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTgxNDU2NDAwMjM2MAogIHNlcnZlcl9pcDogMTI2MDYxOTM4CiAgcHJvY2Vzc19pZDogOTczNzg1ODA2Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDEwMzU4NTE2MzkwMTU4MjEyMTEzCmRlYnVnX2tleTogNDQ0NzQxOTI1NDE1MzkyMTQ2MwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDUiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjI1OTc0MQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjEyMzIwCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x67c171d8ba4de45f0000000000000000","13":"0xb668e6866b4772090000000000000000","14":"0xd33526cf05b9123c0000000000000000","15":"0xff96e38e0e3df10a0000000000000000"},"debug_key":"4447419254153921463","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"10358516390158212113"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wmoiqux43uzw
hal9000.redintelligence.net/zone/ Frame F355 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1701814562470335&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIKRWIqFvZb_aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0GaPMgbKIFyxZeRdsD4HhFHIqIzM5eNbzt-CLGWIrxFU2_na5kxmxS2K7N7WWl2p9UNk-E2-OIA8tzQGFvSac7RmYRUfWpu6aHmyBtzogWcJ8eHExjky0ktS7DNve-oBANMuH6dumKDsCX-Vm0zcA-NuoNXNrjrEgyVZROzDlN7Zm72ReyJQiuqVM0eEgUlJyc3HNofy1JqGCMXzC4HjDIdInwh9ua8ozZytUCbp18ZwkfXe5OE1kOVYJ4p_JkdG601KfhFxmREfYbxJpBx0QhWhkrqxZ-lCMIamZVpsFk8d6ca3GUiGuYDeUzit6P-DHve9YDKgbv3d4CmwpkQoFCYq56EeRaKrtbxT1tRGG_774jLpoJLsmlsea1BIzGWZ-obmsvHXpXhJ46XYz0XABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuYrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_27NqC_q52rkZgZkvdjsAbpq1VWvQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-B0_VUE1WDnGaaIbdT6VtYKWtlgfDMrfLsi6RSElaID95CsYKnE1FW7zaVZDruFn2EnrbRoxpP_ZwmX4fe_V2UPgzFRGnWut90kMjeesC9aiqqp413Y44RCI3G2X37ko89CCWpg9QR164qUJiUbTEpj6I7NkoqgiCfdqqCgVIeFKlMInqo%26cry%3D1%26dbm_d%3DAKAmf-D5pqqucCx5s2vSNUNkvMT0sPkHTeFZBx1fLZyQXoRKlJ68F_g3fkP0EpvclCgDdgL8zb_rcuWygwQaLWUyXH22ZW9LcUkVrw9LO-PdY0I7o60CDrcrue9jOns19Tz9MZrU7BvWIjfXMgJMVnhdtHsGhm59g3MHfyInaD6PpVFt-wk2yaZDpYAL9kAdPuA-5_tMPlPP_HiF-WuifKvhzaEGXPp6ImLpCPgNUiQG1xyFuHqLO5gBfD3R4ZhiiHiz8xPmNx5xw24qExcdwWykOsFaX0yUl0dul532ydyAJnaEKJXPtsPeAFLDLKsiDjingG2urz4l5uXfLMTCvgz0aQVkZq0epIxAcL2vZmf1Pu-MQSdN7Q5UFUz6rOd8nRfIN1BQ-EActyVd2Mcvy9nlAJlbUaSQ7osyVSthxrTAyDZwV_C7nuE6OkYv2eT2uH46sVI8Pm7zinjLhPWucNTXFh7EbZhBS5QuVzgAv1azMRQs5yqdVHLbnByhlZPNAaC0eZuHV6u9ilNbaSeZyqxB7Uhi0Eti4HxZMJL0WRCWBBKvPxRIwZt3MybP27IkbVaEDuCQbpkm%26adurl%3D
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
aec1e9ca1ea1dde271c337c7e33e110e8709cbaeeb6a68bf6fe046d60383ff33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4286
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal90008.redintelligence.net/ Frame 3BB1
Redirect Chain
  • https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG-JiIqFvZb7aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0CiNgOJc2ZIP_jvMwDEdrVrgFkOxRkueoRd2Z7y3BZXfcVfHM5oqlT7cfebVMGzVbFZcZ5Ut3H4RVJj7_sfcr6BNdEU-PQP1KdV6wwmrWLAlHbTosB25yHb7y5nlgzw0zEEeIwVCW0WjEA8mp03SX-_d5QNFjeuJGv7t0xzpOmaQwfIAbnO2l70OVGev2KYIQUDZ7q3ZgaSYTdlqdtr52c_6mXVpUKvnuWiU-1GGfYDC1YzfsxDDwm0eEqD9DRvuKsLzv2I7OW0EwJbn_JLpdf0MlbJ0kWTWj5KM1jl5hoa9gqe63k1Ph87eLij4Ic7NfwWw7-f3D89Dsk05LRJfBOaiR45lRuddxzq1CG2T8LNHOjSvaSWjFOFchFj3PcizZzgPXRjWhDHjH5pqFrLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuIrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_1qt3uT9FCVo8_yJ56ZBDoK0hdR8g%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BSNzIeh9Xa3O10MLHXEKjp42Ut-yCL-_L6IPoT9hMxSKEbonlfcmoMQ9uVaRKB1rTexLhzcqz0G-2Kd0qSudLVrui5SA4hlDPZVvwM0iS9XUwSBFzktVDhwpgIX612Wlu1jxqLEE1VIXr-Qe6gqjr96u3F9nxGjfKGfADfpUbBS7JoAhs%26cry%3D1%26dbm_d%3DAKAmf-A_EXTZ3sHUCt8YS2dZDaafohTW4w-WtnmTrEYCtwtKkNhXevQs820EBto0sqc0VsCLWUMRR7oeSp1hK5HhYj7_dUsKtlQa5kvgc6onrHZbBl3FROIWXgnnWqcQx1KH0Fq1xplYch68JSW6En5L9QZuhl8Wxwq9zJrLigwYqOXuWEdWqiHn6NyqpNaNiE9BbpZYBjwiQKWi4vNFrPo-0EmWXP8SkoiS-n-pYu1HI9YSij0G608cDFl6m3fJpA3s74zlHKXi4QgwInuaAAQsDWdOCCvYLQ3yd4Baz_dM4XHXpg1E4Csu8SGphFPT-OFbdX-ONZ5hjPFLaocaLhALgv9r9BTpuHmcTCLpR8vGdkTMc3L8BUoQ72a5OuWOp5RdgWIJQW1f0SmjiCd3RbDZy8GqInyCLy7mebzMk8Nh0fHn5x9TN7qYa8bWCZfgEyw400DAv0uUxPYhVMowhMtbil-LjBdGEW17S9Y4m0DkiLI-US_ZQ3QUgxo-zXZGzTDyd-xQUMvyqYIUUM1KVdbgsm8LIoTBbXv8C_iJCZnySaKxiHBOjIM-iXBjFEF3fyXnz4Bimktq%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=3147218723056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1fd78ed0e48b9f1e0584afde0ceb72276040509f2d0a808416cc7defab3cf8cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
92615400245745004444994012529008
Connection
close
Content-Length
1353
Expires
Tue, 05 Dec 2023 22:16:04 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:04 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG-JiIqFvZb7aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0CiNgOJc2ZIP_jvMwDEdrVrgFkOxRkueoRd2Z7y3BZXfcVfHM5oqlT7cfebVMGzVbFZcZ5Ut3H4RVJj7_sfcr6BNdEU-PQP1KdV6wwmrWLAlHbTosB25yHb7y5nlgzw0zEEeIwVCW0WjEA8mp03SX-_d5QNFjeuJGv7t0xzpOmaQwfIAbnO2l70OVGev2KYIQUDZ7q3ZgaSYTdlqdtr52c_6mXVpUKvnuWiU-1GGfYDC1YzfsxDDwm0eEqD9DRvuKsLzv2I7OW0EwJbn_JLpdf0MlbJ0kWTWj5KM1jl5hoa9gqe63k1Ph87eLij4Ic7NfwWw7-f3D89Dsk05LRJfBOaiR45lRuddxzq1CG2T8LNHOjSvaSWjFOFchFj3PcizZzgPXRjWhDHjH5pqFrLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuIrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_1qt3uT9FCVo8_yJ56ZBDoK0hdR8g%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BSNzIeh9Xa3O10MLHXEKjp42Ut-yCL-_L6IPoT9hMxSKEbonlfcmoMQ9uVaRKB1rTexLhzcqz0G-2Kd0qSudLVrui5SA4hlDPZVvwM0iS9XUwSBFzktVDhwpgIX612Wlu1jxqLEE1VIXr-Qe6gqjr96u3F9nxGjfKGfADfpUbBS7JoAhs%26cry%3D1%26dbm_d%3DAKAmf-A_EXTZ3sHUCt8YS2dZDaafohTW4w-WtnmTrEYCtwtKkNhXevQs820EBto0sqc0VsCLWUMRR7oeSp1hK5HhYj7_dUsKtlQa5kvgc6onrHZbBl3FROIWXgnnWqcQx1KH0Fq1xplYch68JSW6En5L9QZuhl8Wxwq9zJrLigwYqOXuWEdWqiHn6NyqpNaNiE9BbpZYBjwiQKWi4vNFrPo-0EmWXP8SkoiS-n-pYu1HI9YSij0G608cDFl6m3fJpA3s74zlHKXi4QgwInuaAAQsDWdOCCvYLQ3yd4Baz_dM4XHXpg1E4Csu8SGphFPT-OFbdX-ONZ5hjPFLaocaLhALgv9r9BTpuHmcTCLpR8vGdkTMc3L8BUoQ72a5OuWOp5RdgWIJQW1f0SmjiCd3RbDZy8GqInyCLy7mebzMk8Nh0fHn5x9TN7qYa8bWCZfgEyw400DAv0uUxPYhVMowhMtbil-LjBdGEW17S9Y4m0DkiLI-US_ZQ3QUgxo-zXZGzTDyd-xQUMvyqYIUUM1KVdbgsm8LIoTBbXv8C_iJCZnySaKxiHBOjIM-iXBjFEF3fyXnz4Bimktq%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=3147218723056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 05 Dec 2023 22:16:04 +0100
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 12D0 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdhQz3HyH1ILw7pKhYZngguFiUjegSP4ddI07Jtabm2xGMjtO6W5oYi3iVySuTeHBrnGAJIEBJ63Zaqx-2zc_3yfVPRuISRgYkQz-i1fbUKL0ioHtC-kryI4VsWqcDVpZsp8XFsE_n-Qj1n9W0dAa70rboIJIC3vxxjJ0rXdahi5jmfhc&cry=1&dbm_d=AKAmf-C5r48iT-mhXJHAt2-Tk45AusWrwVf8tINI2Bo6UwbGXp6MF4JMTR6hKE5kbe5AsxLQbZ_idhV2zZM_yxRgerGyrbVf3K2TAcn6LzKL2LTHxT_RrHx2U_hXVRUPzLkAQtbkdGrjr76pQhOiI_A98WYfEzgcALQqrqh-nQOxQjPfsSWsPIsCcuGm2idz9Pp3yq4MbNnzHH-5bNVO9c97IMHqSWy_L27ik5aM9dQrk2L6AnbuAHKtPg6MpKx3a-NkpQGMn4FtmCj4NOacIUo1_UlKex0ImTlGOn3heiBzMaprAzNtOl1q4EESxLusLpz7PIcQBOfSA3iFNoM1N1N-Y-DspwRiBJA_D-kBEU_4O8EvyIhRny6NgOqg84Nbx7DGyr7VXwfnMxPZq2wVUgI1riSclYLe-MBRTopHsq_am_k8hIey_v0h4jnFIFd8hg-oiGqpeY97f9ObP-5G_R-2mnhJJg7ESTrss8g7HIG-k1oKCtgw0OPZoVVj0lrBWoZSKkVETaxagYegFQZM9FpbjXt6bTPN4H43HvTaLPNi1sJWIfI7b28M1ZezTc_0eDqdDz2ux7doLL36qbKmKfYS1G9C5ux8yw3sJAEM9hs_QRKYHI60bLTmZKvRt_sAOGov9bXTkFxADFAiHEuGiX4jJb3dsK_Rdzmebn6oMetlerD5NEZQcBaa5x5s6lP1FM4LT7lNVhkImrt4L_By8iNkmmoGfNgHrqICC4cyHhouxTfqjvkZcXQZ5CgJfM3NNiGhIkZZgjCFne71IIPt4kYriiciWgmV_7kNG70prQCgd5h0BcvItSDT9sWs7nQXw0yXh1813MxAt0CPEAQmS1IucVlgM0-R1PokjgaKEgMWUKsCT-caSyyTMqusj9Cloj6rsRzMNrcZnwj3Dml7c0JDFEx2fv0S3NIzTkd1P5mLPIuvUaVfS3_ZWnlH-JGbWt3nrp45hoaNgnQ9WDENNn0PNG9pELTSnm_VGkfE5RtQ4pY-uP1sgx38iD-kGRAB6AmtIEd-z7LWaavAtEZGnNgp9tnKF0whTM0V0hocUEMc040fO2slRndt0iPU0ZreIIiffZaAt-VQfxcQ9PfYM94II-ukB5KDqunt23xGBXXXjpZBx1D3H9Wa3vXW7xURkCiP6ayz19bEtsS0PjTChwUw_9bL2JDTam4hqyfgJZb0GJMhWEH0BSx6-k6QotSOJUzYNXhZtMhD9UaJ5aibMo2pX0ZUOcTgeoOSqK_58boNJm6mVCLpA27H2I1Ey8qXl-8n6ZQeERcfyZL-AernrxpO5jyPcs0bBv_QeBOxGZT-Fvf9Rrh14BXaFRjZkCatc82qL-j2UZ_hZxKqSVihMojh-uyNG0s0UEGM58oSuNs-25AImV67bHX09ze7yqjFB2ZPs-kxtJWPVKKl84a5z5dHoPCJ-UVS3jz3rm9ebNIYK9hpEMevF9ROoHCr9IlER0lYxIgb2OxMnv_Rrdv4Yac9bH5W90iTTHIFIFGAM6VnC7KMlIgkvaHTREGvQfr7_cZRZm1LgkIhduepC8eXuL3qCifA0j5Ly4-KsHdFHjTjb8v4EpXwPbUOF8THstk_4CUtUP7OxGxpoQpQSr-6K38OoZH32vlq-Rc9sbrZRN6s05YlJqi1SNVRdyQ82A8i3_GaSyyvnmMi3vLyaDpel8jspifZKPs92i4CgwkCPxA3aX9aVDmoY9x-vqNHV7oQWv4CWWbxnBdQpsDNXhqJV8SQRPbJvVOkBX2wRRYkri0v73xg8o8vLrmmJIm08W-7NnT8mEPmNIQNH5eIdM5TIm4G0Fl1-Xly-XiilcV6oiWpo9rCA-cdzVovctP_NQkUmmALNiorNRK1PZW318NhBmiqi_F3VbmcfRPcHtxoAcz0nB9bJBI-NHozF6GPhL7bAA6h1iW8b5OPERgxgy1iTcPfmbPVMRj47C9w7B-zkBBIbz1FOhUxn6hLf2uQrdmvCLSLPDI4APMvnonIwXF_2DO8PKSAelx2tsv55pFAXOqwucjK3sfG7TaBByqCmAFj9yJj2cWnWPn5a9gLpzpYzB5HZgdbqL6-QzD_ijp_kmww-7ieFxEY7FFy11LkMCuqqKSSwkZuieEnjO7PCC3qigSfDQqAI4HI4WzeUx40RVoZe4tK99TyH4__p2QJY3Hxul6MBbiaRJ83vFpAQWCQCDPUjVsNVVcvNKY5KLabAqwsdxSsyLButLQgSuuTBD8pSzsxA_YC-NTRdw9RTbvQw8azD0IYE7JltHjR7IDRyn4wjf0pO5qPzF1oeExXpYao77vDinU-Gw7JHtFzagW1rmFd9ZF1QZu0mM_Zt8uw5ySpiHzug6yO2cg9m6NVr5D3uY_IiHVPDGPkR-CeDKeD2g0PnagpTXkXMXVirzUyHmDf3a-V3nnZWeKD3j8_ylz9Ma3bEmLM0ldTsnPnka4o-qrhjQWiKEBuYKjgstwFdM-KsXELya8oPqUvE8G_V5l8_vbqOczGYHtq83j7z5kgTyY2Tc7UEuJGK7TfnloYywTMwFQE3yzcfj2GjDDVZHvk067jOX11UJlPhbb-OOR2-t_tLmYDKSM7ZznCFA7ZI2PLAkWcrv25Txe6BmXi6xAD2baoVJPOQB_OSvxjRNhpXI_WTa1bCdsp7SNT8vTv9JcY7OPA8wzLb6Ik3P24yP8PSf9iAqoQ7UYMFXGLYqNQfsJ6OOMU7p12H_RwbGhhfg5eTvUDXh6IOwkj26s87m-QhW45jYoGvv3AjGRESswELIhCXWz3XPED1GpzRzZLYFg-ULssCU60Wn5NJvoSDZ3eB3axcWapQuLDTbZYVMtewumRvgXGKiggbY-EN3LPVImTKaBDjZiiBft91OqXFxN8xTXcduP6UI1sTmbtBKj_vrwZm817CCgucidOGXh7v4kFUpTQ3Z3-rhZ90tBWSg4EHFXmV2NCpvy-4L6v4u9HUSyu2_hbRP3DAAVu7U_qhKvP181k6H7HZUiLJArB_Ipe_gXylGoshrNymCYfGaDF1pJ7kxRUmfwu2YLKH1yTDCAuC6oaCsodhOAmjtRN9xRBxruX-LzAP1m7seogo6AqzN-O5m_LJ0dcf2AF28-8DRJKT8NAcoZJJ61NR-IWAbWn68jfetRBK_O1owyNNvPU9Ok4QrhzvCtlR-LjtuOg7Es2JaKCpH9xL-Xd-yRk_qPN0MOGfv5AZY9ejwVUN-c3QftqDQ9cPvK4McI_SO2v9NgxXHPEhx981Xyzv7BS-MmJHBVU6SeB-StofQDHWlEIu9V83lpUDW2kfaWgPk-ZadKDWChDXXMQTrXQ8onNWrMWrY4A_pJ5u_G5aVTxN-WJlJtpXWoGTJCmfNcymT6KtDEqnK5y5WmpR_Cr-QaPDjP2p9EivO9kZEm4mrRumaaGVs039U2ldMvHSTrEutxQcZeTII0n48EbXWHYTNpkHY9zMHqULiUMjGRRQpgtG4KPV0e0u0O9BGF-9gu-kGD_vtwdMpHTE6hO_HxTMPXy0jLfzgwbiLMzWp_CdK7kWdRXQUWQJvpuJQVnLXcbtAo5ik8DXSRdZI3BT8-HU6m5dhcLDwhoU7jLxuUFjpgrk69AXS0m1QCLtfoGebv0ip_QdExHIGAzrcqC0yy-RWbSz5ziyOMnHowYmeUxsSgv39TMF8J9mT0D8Rd5yjnY6wppHPqwpwVbxuv0CAgegcVLRPtx9Em1k9PUNZW_JOod6iJxvcm8apxfhKJwTcI5b2Z7Hkh57LhyyfQ1MlC2QRWuS-4s3gCMQqtdp5Ptp2PDKQYWy37NFPnikJHYHLR95sRVcuEW2N1UMx7i4qNxo6PFfQqnG5zyoEGTndunxBXFv5btWqkmLeN6Dyn1UhXoyfUWoTwZHsrn4wLZi-LffAPkgYwU4sKrUtZGILO91XHJ3DfSmEmUXIWmPqQ4JQ_MzvE21rvthy6L98_NhCWpnbp_u2usBPPPeVhDk73-A1S71ZS4xuWi7IU0PbkLES9FREgFN4x4ptPTuaTZf8kHR_1qnHO4RSj-MI5HPjWrheG7y5DWh14FHmDd5UbjCWy3MoAbtNRPXKGDWFxyxiRjf8Pwb81o280Mo3uVgMcTLO6aPfN7Tb6UrRXPsVqwBVTVt1DO2heFN2PJU4Zoke5fJn487gNayMFzv-Jw-MlhHURBiYYoF5G-K87MR0sVww&cid=CAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ds=l&xdt=1&iif=1&cor=6990165532659251000&adk=3944675603&idt=216&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
280722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 16:17:22 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTgxNDU2NDAyNTE4NAogIHNlcnZlcl9pcDogMTM5Nzk3NDg5CiAgcHJvY2Vzc19pZDogMjUwMDMwMDU5OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 12D0 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTgxNDU2NDAyNTE4NAogIHNlcnZlcl9pcDogMTM5Nzk3NDg5CiAgcHJvY2Vzc19pZDogMjUwMDMwMDU5OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAzMDEwNDc2MzI0OTcwODk5NzgwCmRlYnVnX2tleTogMTU0MTAyMDg1NTUzMTk3MjY3MTIKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA1IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIyNTk3NDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxMjMyMAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x67c171d8ba4de45f0000000000000000","13":"0xb668e6866b4772090000000000000000","14":"0xd33526cf05b9123c0000000000000000","15":"0xff96e38e0e3df10a0000000000000000"},"debug_key":"15410208555319726712","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"3010476324970899780"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal900025.redintelligence.net/ Frame F355
Redirect Chain
  • https://hal900025.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900025.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIKRWIqFvZb_aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0GaPMgbKIFyxZeRdsD4HhFHIqIzM5eNbzt-CLGWIrxFU2_na5kxmxS2K7N7WWl2p9UNk-E2-OIA8tzQGFvSac7RmYRUfWpu6aHmyBtzogWcJ8eHExjky0ktS7DNve-oBANMuH6dumKDsCX-Vm0zcA-NuoNXNrjrEgyVZROzDlN7Zm72ReyJQiuqVM0eEgUlJyc3HNofy1JqGCMXzC4HjDIdInwh9ua8ozZytUCbp18ZwkfXe5OE1kOVYJ4p_JkdG601KfhFxmREfYbxJpBx0QhWhkrqxZ-lCMIamZVpsFk8d6ca3GUiGuYDeUzit6P-DHve9YDKgbv3d4CmwpkQoFCYq56EeRaKrtbxT1tRGG_774jLpoJLsmlsea1BIzGWZ-obmsvHXpXhJ46XYz0XABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuYrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_27NqC_q52rkZgZkvdjsAbpq1VWvQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-B0_VUE1WDnGaaIbdT6VtYKWtlgfDMrfLsi6RSElaID95CsYKnE1FW7zaVZDruFn2EnrbRoxpP_ZwmX4fe_V2UPgzFRGnWut90kMjeesC9aiqqp413Y44RCI3G2X37ko89CCWpg9QR164qUJiUbTEpj6I7NkoqgiCfdqqCgVIeFKlMInqo%26cry%3D1%26dbm_d%3DAKAmf-D5pqqucCx5s2vSNUNkvMT0sPkHTeFZBx1fLZyQXoRKlJ68F_g3fkP0EpvclCgDdgL8zb_rcuWygwQaLWUyXH22ZW9LcUkVrw9LO-PdY0I7o60CDrcrue9jOns19Tz9MZrU7BvWIjfXMgJMVnhdtHsGhm59g3MHfyInaD6PpVFt-wk2yaZDpYAL9kAdPuA-5_tMPlPP_HiF-WuifKvhzaEGXPp6ImLpCPgNUiQG1xyFuHqLO5gBfD3R4ZhiiHiz8xPmNx5xw24qExcdwWykOsFaX0yUl0dul532ydyAJnaEKJXPtsPeAFLDLKsiDjingG2urz4l5uXfLMTCvgz0aQVkZq0epIxAcL2vZmf1Pu-MQSdN7Q5UFUz6rOd8nRfIN1BQ-EActyVd2Mcvy9nlAJlbUaSQ7osyVSthxrTAyDZwV_C7nuE6OkYv2eT2uH46sVI8Pm7zinjLhPWucNTXFh7EbZhBS5QuVzgAv1azMRQs5yqdVHLbnByhlZPNAaC0eZuHV6u9ilNbaSeZyqxB7Uhi0Eti4HxZMJL0WRCWBBKvPxRIwZt3MybP27IkbVaEDuCQbpkm%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=4245406539549&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
533f013e1e4664e3871f4381d8753b8e1b9290dc52bb58afdbe437be3c489616

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
82044700193646804444994012529025
Connection
close
Content-Length
1355
Expires
Tue, 05 Dec 2023 22:16:04 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:04 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIKRWIqFvZb_aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0GaPMgbKIFyxZeRdsD4HhFHIqIzM5eNbzt-CLGWIrxFU2_na5kxmxS2K7N7WWl2p9UNk-E2-OIA8tzQGFvSac7RmYRUfWpu6aHmyBtzogWcJ8eHExjky0ktS7DNve-oBANMuH6dumKDsCX-Vm0zcA-NuoNXNrjrEgyVZROzDlN7Zm72ReyJQiuqVM0eEgUlJyc3HNofy1JqGCMXzC4HjDIdInwh9ua8ozZytUCbp18ZwkfXe5OE1kOVYJ4p_JkdG601KfhFxmREfYbxJpBx0QhWhkrqxZ-lCMIamZVpsFk8d6ca3GUiGuYDeUzit6P-DHve9YDKgbv3d4CmwpkQoFCYq56EeRaKrtbxT1tRGG_774jLpoJLsmlsea1BIzGWZ-obmsvHXpXhJ46XYz0XABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuYrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_27NqC_q52rkZgZkvdjsAbpq1VWvQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-B0_VUE1WDnGaaIbdT6VtYKWtlgfDMrfLsi6RSElaID95CsYKnE1FW7zaVZDruFn2EnrbRoxpP_ZwmX4fe_V2UPgzFRGnWut90kMjeesC9aiqqp413Y44RCI3G2X37ko89CCWpg9QR164qUJiUbTEpj6I7NkoqgiCfdqqCgVIeFKlMInqo%26cry%3D1%26dbm_d%3DAKAmf-D5pqqucCx5s2vSNUNkvMT0sPkHTeFZBx1fLZyQXoRKlJ68F_g3fkP0EpvclCgDdgL8zb_rcuWygwQaLWUyXH22ZW9LcUkVrw9LO-PdY0I7o60CDrcrue9jOns19Tz9MZrU7BvWIjfXMgJMVnhdtHsGhm59g3MHfyInaD6PpVFt-wk2yaZDpYAL9kAdPuA-5_tMPlPP_HiF-WuifKvhzaEGXPp6ImLpCPgNUiQG1xyFuHqLO5gBfD3R4ZhiiHiz8xPmNx5xw24qExcdwWykOsFaX0yUl0dul532ydyAJnaEKJXPtsPeAFLDLKsiDjingG2urz4l5uXfLMTCvgz0aQVkZq0epIxAcL2vZmf1Pu-MQSdN7Q5UFUz6rOd8nRfIN1BQ-EActyVd2Mcvy9nlAJlbUaSQ7osyVSthxrTAyDZwV_C7nuE6OkYv2eT2uH46sVI8Pm7zinjLhPWucNTXFh7EbZhBS5QuVzgAv1azMRQs5yqdVHLbnByhlZPNAaC0eZuHV6u9ilNbaSeZyqxB7Uhi0Eti4HxZMJL0WRCWBBKvPxRIwZt3MybP27IkbVaEDuCQbpkm%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=4245406539549&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 05 Dec 2023 22:16:04 +0100
wmoiqux43uzw
hal9000.redintelligence.net/zone/ Frame 12D0 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1701814562470336&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf9EVIqFvZcDaHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0G9cBeQ3PUcOOwLgiLQOsEU7WlDBc8BaVVhq9_BfVvKf4Qp6qaT5meeAPZn0FH8XRWLMKmDYZuYmQ1H3CRHAUBS29-VFErRLcXf0T07LrHsEbEnoClIfWE6N5jVI0ieBvIQKKAgHRiuHNuksY08yxpVGCArBSboH3UZDfP9pR0Gc_aXQD9UGbd9GVvynG9cWHD1gaLo80OzpqP1nqCfX864h4b4t5WjcJZoDpE_VTJYPr0tFqqAHwup3ft7rA8UNNpgsvddtdlWrHwEGDEtj7NR7HNqwy4i9R6rO01lX7i20GzeJllZI2RPCc9GeuYY-x440xzYJ8jpL6HIENBCHxCKIsAXCzC_2Zotaf_V5u81-S7XaySCUpyceZNi183KgSTtnP12O1r_8hn6Y8bzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuorco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_2PFdYhaqCOVn15pD5XJu4l_2PRqw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BXAExbOkjIlU1Xz78r91RyscEICs_kGW433WGX-LX5xQXQAfaTPaDCYXepBRiB9zb4IWPkk86zdpeaJq46VO6lkvdTVOlZW911VgN2ja6dlMCLlMKnkG2xm3ISeltWXnUJQtSaP8AHhBagCgON-ddWN6vzE2B1h-6HVoo0BNScyw4TSPo%26cry%3D1%26dbm_d%3DAKAmf-CcgBdf1ctU7gLXmHzgJjWlEHXSW2k7ci0Fg6vo4puIF22SwdFK8eRABgfgK5zG0zedXvezAo9VjrtvgQA4R2zGiwqQugEKGL5-jb6828wMBnaEbfAooP5jEJ7pvfrEU_d_yesdOsC25XbvnFVCQOuqUp8NngySexmuuG_eN24VxoRjTE2On5SuqWnB3hINAb7VUYHRi7yrWmFTIikUezbhxOuPO0b4CM4fr_MKrq7Jl6lCU-zBoODoSnQ4h_UPjOOBsScSkA7TjyMnewK5jonkgxbfDp4f603d3gqtIXRhV0AQtSLDv3tPoBEwGsVKNtdHxYu3FEto_lzFvcutHmRGrEDfAyuNHeZx74mqZliovTzs-ZorpTtLYBlt0zhcGxzGnRQOtQDJjXwhf67BFl9L_TF0_8opXAT5TB1lEbAranAv9RoOOUJZkfoV36rPAXEKDsk4mz998NOsQIYPojHBGTaJScl-rmTTceE8I7qTc1A12LjaMdAO3SBYSgccWh75-NitbfHEeAyI9-Vq5wQ7HRdtYpyrvJ38zoX7abcfPLfLU784aqj0nUP9izE3HWuXwqhA%26adurl%3D
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
340a62dbad1c86b92c139c6c40545b5ca64286f7238a0f831c327e4ac76668fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4283
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D484 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122979
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 12:06:25 GMT
expires
Tue, 03 Dec 2024 12:06:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3113 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BB-fTIqFvZbzaHOHL9u8Pt5Ch4AcAAAAAOAHgBAI&bg=!_f6l_rHNAAY3kmNgF5I7ADQBe5WfONf1_L1yPvW5nj-NmvDi3W7oJUG_3gPEr_ETq7_jtNfUNYD_ZElfPpee3RMV6p0XAgAAAE1SAAAAAmgBBwoAJs7aAYJzQ_igH3d1IB1xtx4t8fVTQKvnwD3M2qXKxOJfU96MNoHGmQMMcM57SXJ4elJkpWV3m_KqFcgKtgOdYp8Se7dM1AsajZPi6TJmlcSdcvpWE0s7YJuNZklZMawQs4oxNg-06YXyk1hpxxXO5PY9mtZ0oP7m6wa0R_Jcm0H94A47XLZIHtfs9WK7pxx2fnNiT6ySG7i7Rg9N3I6K6qqmkW2QZ9HV_EcgXpMpOk8TagKH4k3HQLHBWFmXHWkBzBIp6dxL0aw7oq_wrnX692D6UuGk36lWmg60YIn908m_MdpsZcEsKlYPuDSisw_m3N9wRdD053dnEYux1zoxRNKOWZn_2e10ywVTiZdy2WWvOigFem6IIzhduW8NzoLrQUSbKOF9ZcmQKfKkOQYSW6b8XF_FyCDBZDEH-wWhQZ1N_ShLAXz6f6dPBTDXS2nHge1W_KjVp30-AMXc57P_8KWe0Ikf_5XM_R7gVHdyy4EGGYAaFYQwArfEt_okOneXenpJ8qcVN4n1sKHy23MI-EEUr8RajrRuZoYm-PqDL_Tw-x0Df0ECsTuCdEDUh8MuE46D8sTEsTUF1Ity-nt7QJNB3x-l3czo_muQZb3KZvuxVq_mUxS0U25Imr6tK_187PIZaH-wiOyqImiDOc55r9g_v6VthIX26VVGEuTH4TapBkB5cmRVwHAdDGDNA9ZLxrHloH9VMR1ZxdYXiWmdH16QT_PzFJo91s7KydkCoOXjeM0jrUCWIgLBu7U13EadbiIXOpUH7iu1Xt6_lXAF5VLo1pBXSZycXN9dNg7xqrd1H5tTUMNN4sy8jxTzQCX_Mi-B94-m9M5c1QR6mhcCrXQWQMl_PX6HOWps0JzPCKeYw_N2ZlITfNiMhkRic2GIOdn47abvvFmbAE8iklwnwjqeG9BNraKKp0l1BUu1Q1lU5768QIoo3WVehH7Wa8PwlxvnwaGVblxbmIm4lx18DgtS1YIPb8Qj5d0MKdipwjncHHebtTwrdjz94jAa9GDfJWnzsEQzorj17s-g-j1ItIRyCp4AI0w9sGewBGrOKlJm3TeGi0ZaKByJ22oSxtkUyTQl9l2h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C7B5 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F162717810%2C22835780031%2Fviads%2Fvideo-gen&description_url=http%3A%2F%2Fcatolicoorante.com.br&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2053954250494915&&_timestamp=1701814564031&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=2141402762&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814564160&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw&scor=2056728655139672&ged=ve4_td3_tt1_pd3_la3000_er0.0.156.300_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B1EF 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122979
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 12:06:25 GMT
expires
Tue, 03 Dec 2024 12:06:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D484 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
25459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 15:11:45 GMT
request.php
hal900010.redintelligence.net/ Frame 12D0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=da5907146e&subid=&uid=7ff5408ad15714ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf9EVIqFvZcDaHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0G9cBeQ3PUcOOwLgiLQOsEU7WlDBc8BaVVhq9_BfVvKf4Qp6qaT5meeAPZn0FH8XRWLMKmDYZuYmQ1H3CRHAUBS29-VFErRLcXf0T07LrHsEbEnoClIfWE6N5jVI0ieBvIQKKAgHRiuHNuksY08yxpVGCArBSboH3UZDfP9pR0Gc_aXQD9UGbd9GVvynG9cWHD1gaLo80OzpqP1nqCfX864h4b4t5WjcJZoDpE_VTJYPr0tFqqAHwup3ft7rA8UNNpgsvddtdlWrHwEGDEtj7NR7HNqwy4i9R6rO01lX7i20GzeJllZI2RPCc9GeuYY-x440xzYJ8jpL6HIENBCHxCKIsAXCzC_2Zotaf_V5u81-S7XaySCUpyceZNi183KgSTtnP12O1r_8hn6Y8bzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuorco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_2PFdYhaqCOVn15pD5XJu4l_2PRqw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BXAExbOkjIlU1Xz78r91RyscEICs_kGW433WGX-LX5xQXQAfaTPaDCYXepBRiB9zb4IWPkk86zdpeaJq46VO6lkvdTVOlZW911VgN2ja6dlMCLlMKnkG2xm3ISeltWXnUJQtSaP8AHhBagCgON-ddWN6vzE2B1h-6HVoo0BNScyw4TSPo%26cry%3D1%26dbm_d%3DAKAmf-CcgBdf1ctU7gLXmHzgJjWlEHXSW2k7ci0Fg6vo4puIF22SwdFK8eRABgfgK5zG0zedXvezAo9VjrtvgQA4R2zGiwqQugEKGL5-jb6828wMBnaEbfAooP5jEJ7pvfrEU_d_yesdOsC25XbvnFVCQOuqUp8NngySexmuuG_eN24VxoRjTE2On5SuqWnB3hINAb7VUYHRi7yrWmFTIikUezbhxOuPO0b4CM4fr_MKrq7Jl6lCU-zBoODoSnQ4h_UPjOOBsScSkA7TjyMnewK5jonkgxbfDp4f603d3gqtIXRhV0AQtSLDv3tPoBEwGsVKNtdHxYu3FEto_lzFvcutHmRGrEDfAyuNHeZx74mqZliovTzs-ZorpTtLYBlt0zhcGxzGnRQOtQDJjXwhf67BFl9L_TF0_8opXAT5TB1lEbAranAv9RoOOUJZkfoV36rPAXEKDsk4mz998NOsQIYPojHBGTaJScl-rmTTceE8I7qTc1A12LjaMdAO3SBYSgccWh75-NitbfHEeAyI9-Vq5wQ7HRdtYpyrvJ38zoX7abcfPLfLU784aqj0nUP9izE3HWuXwqhA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=2102712599251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1701814562470336&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf9EVIqFvZcDaHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0G9cBeQ3PUcOOwLgiLQOsEU7WlDBc8BaVVhq9_BfVvKf4Qp6qaT5meeAPZn0FH8XRWLMKmDYZuYmQ1H3CRHAUBS29-VFErRLcXf0T07LrHsEbEnoClIfWE6N5jVI0ieBvIQKKAgHRiuHNuksY08yxpVGCArBSboH3UZDfP9pR0Gc_aXQD9UGbd9GVvynG9cWHD1gaLo80OzpqP1nqCfX864h4b4t5WjcJZoDpE_VTJYPr0tFqqAHwup3ft7rA8UNNpgsvddtdlWrHwEGDEtj7NR7HNqwy4i9R6rO01lX7i20GzeJllZI2RPCc9GeuYY-x440xzYJ8jpL6HIENBCHxCKIsAXCzC_2Zotaf_V5u81-S7XaySCUpyceZNi183KgSTtnP12O1r_8hn6Y8bzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuorco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_2PFdYhaqCOVn15pD5XJu4l_2PRqw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BXAExbOkjIlU1Xz78r91RyscEICs_kGW433WGX-LX5xQXQAfaTPaDCYXepBRiB9zb4IWPkk86zdpeaJq46VO6lkvdTVOlZW911VgN2ja6dlMCLlMKnkG2xm3ISeltWXnUJQtSaP8AHhBagCgON-ddWN6vzE2B1h-6HVoo0BNScyw4TSPo%26cry%3D1%26dbm_d%3DAKAmf-CcgBdf1ctU7gLXmHzgJjWlEHXSW2k7ci0Fg6vo4puIF22SwdFK8eRABgfgK5zG0zedXvezAo9VjrtvgQA4R2zGiwqQugEKGL5-jb6828wMBnaEbfAooP5jEJ7pvfrEU_d_yesdOsC25XbvnFVCQOuqUp8NngySexmuuG_eN24VxoRjTE2On5SuqWnB3hINAb7VUYHRi7yrWmFTIikUezbhxOuPO0b4CM4fr_MKrq7Jl6lCU-zBoODoSnQ4h_UPjOOBsScSkA7TjyMnewK5jonkgxbfDp4f603d3gqtIXRhV0AQtSLDv3tPoBEwGsVKNtdHxYu3FEto_lzFvcutHmRGrEDfAyuNHeZx74mqZliovTzs-ZorpTtLYBlt0zhcGxzGnRQOtQDJjXwhf67BFl9L_TF0_8opXAT5TB1lEbAranAv9RoOOUJZkfoV36rPAXEKDsk4mz998NOsQIYPojHBGTaJScl-rmTTceE8I7qTc1A12LjaMdAO3SBYSgccWh75-NitbfHEeAyI9-Vq5wQ7HRdtYpyrvJ38zoX7abcfPLfLU784aqj0nUP9izE3HWuXwqhA%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
d2d1aa1a49547256055a390968012f7434244d179afa7199441d3863169830d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
68011200211274704444994012529010
Connection
close
Content-Length
1354
Expires
Tue, 05 Dec 2023 22:16:04 +0100
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame B1EF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
25459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 15:11:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4264 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcMDRI6FvZe3yONOB-gaDpLrABQAAAAA4AeAEAg&bg=!RkWlRQrNAAY3kmNgF5I7ADQBe5WfONTzFErT8pn53Xwbl1d_NEUT4BfZObFpdLfNA3AUoZbIwX67FYbcFW-O3dnnf-UAAgAAAFlSAAAAAWgBB5kDFBYjDrQ9nBGp2JCuFsX3SgnCrRaX0F6ANNvkDS88VfHE4vTwGcW_k_F_Fud44xnFDlGgal7RaRY6XvFlxuqKY4oRlVX8bMbX8uepnAlTfdfHXy-HNMsR99raY6sZymG3n4SM75yhV457c8QJ0krtIc0whOguLbewrqGLaZ1c11Pa3gKQ1ye6vfmTdWyFArMR4My5H6qN-pVOfWjaAqWiUWjLQ_uvMAAqU6GyF6g7hiTRgQ3RBxc-TR_o6nrWBZw-e6RVW4TXgZDi8dowIwIKVKHnl_Hu4hpXFvDZmrF9mPf98fWbqkc2EzR7Sta90VchSMXVEOla2dsgJ-YDPmneQJgLEVb7AvaOEWKa1dzzHaXQQrPAOiFky8KdWHOZVKwYM4j4kfdr7-PMLNL_0y-leQDdNQ_8L2e7EsXJAuUQ5b06c_f1auR-FZ-H_sCMI44DAmX7oOYut8iOFx2CQb6wjSqW4YRyyCuvW3-UxhlG7Bo5daQgUtUkAdkoYmr9RATsAU6wBeI_y6PB_gx2uoKVWsbO2HsyxICYLBv7J-FEC6yMBs-9mKcYPSEAIoSBKCHk-sr1hmcyolJjkA7EOmKHMDX8AKntTkQezr2EXQ1fBarRbIs1Ye8lkQdyVCD20Gn946av4Z5suxNfSdf6xQmLNg6ESw2zsKPvdyGCl4W-qxwvOVDKyPtfPQqeQm4vnq1UIosrnjlw3wnlpMhtTB_fNC8mVqo4zw0WgSrx4zbJmVucn4wKDasNayc-62IIgaNgQ7Yg0R-k3h5onqZF1krNImG3M3RZo6s9cyK0pSSzjnquZxoTorTsb34b_jvZvjfQ81qUkT7o1BJeUFkLKQOKnNifkpEzxopDO3CEKcG-8NSUJ2IiojiAKgb17XpDfkv42K9ugCJS_ZTApQ0EzmJAyfUX3o8mtwe9V_Hw3ALcdgStJwo3cqXYEI8CVeMgL5B0ktJskykWNDvOMiQ_sqrkGcecMnVc1KT9qAs9dbtKnctil3jM6g1-zHeTHmfvhS6-EyCLvZWZBjxy3nXKQ0YLlSHn9gyw
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame A768 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=92615400245745004444994012529008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG-JiIqFvZb7aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0CiNgOJc2ZIP_jvMwDEdrVrgFkOxRkueoRd2Z7y3BZXfcVfHM5oqlT7cfebVMGzVbFZcZ5Ut3H4RVJj7_sfcr6BNdEU-PQP1KdV6wwmrWLAlHbTosB25yHb7y5nlgzw0zEEeIwVCW0WjEA8mp03SX-_d5QNFjeuJGv7t0xzpOmaQwfIAbnO2l70OVGev2KYIQUDZ7q3ZgaSYTdlqdtr52c_6mXVpUKvnuWiU-1GGfYDC1YzfsxDDwm0eEqD9DRvuKsLzv2I7OW0EwJbn_JLpdf0MlbJ0kWTWj5KM1jl5hoa9gqe63k1Ph87eLij4Ic7NfwWw7-f3D89Dsk05LRJfBOaiR45lRuddxzq1CG2T8LNHOjSvaSWjFOFchFj3PcizZzgPXRjWhDHjH5pqFrLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuIrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_1qt3uT9FCVo8_yJ56ZBDoK0hdR8g%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BSNzIeh9Xa3O10MLHXEKjp42Ut-yCL-_L6IPoT9hMxSKEbonlfcmoMQ9uVaRKB1rTexLhzcqz0G-2Kd0qSudLVrui5SA4hlDPZVvwM0iS9XUwSBFzktVDhwpgIX612Wlu1jxqLEE1VIXr-Qe6gqjr96u3F9nxGjfKGfADfpUbBS7JoAhs%26cry%3D1%26dbm_d%3DAKAmf-A_EXTZ3sHUCt8YS2dZDaafohTW4w-WtnmTrEYCtwtKkNhXevQs820EBto0sqc0VsCLWUMRR7oeSp1hK5HhYj7_dUsKtlQa5kvgc6onrHZbBl3FROIWXgnnWqcQx1KH0Fq1xplYch68JSW6En5L9QZuhl8Wxwq9zJrLigwYqOXuWEdWqiHn6NyqpNaNiE9BbpZYBjwiQKWi4vNFrPo-0EmWXP8SkoiS-n-pYu1HI9YSij0G608cDFl6m3fJpA3s74zlHKXi4QgwInuaAAQsDWdOCCvYLQ3yd4Baz_dM4XHXpg1E4Csu8SGphFPT-OFbdX-ONZ5hjPFLaocaLhALgv9r9BTpuHmcTCLpR8vGdkTMc3L8BUoQ72a5OuWOp5RdgWIJQW1f0SmjiCd3RbDZy8GqInyCLy7mebzMk8Nh0fHn5x9TN7qYa8bWCZfgEyw400DAv0uUxPYhVMowhMtbil-LjBdGEW17S9Y4m0DkiLI-US_ZQ3QUgxo-zXZGzTDyd-xQUMvyqYIUUM1KVdbgsm8LIoTBbXv8C_iJCZnySaKxiHBOjIM-iXBjFEF3fyXnz4Bimktq%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=3147218723056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Tue, 05 Dec 2023 22:16:04 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
/
adv.office-partner.de/ Frame E18A 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG-JiIqFvZb7aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0CiNgOJc2ZIP_jvMwDEdrVrgFkOxRkueoRd2Z7y3BZXfcVfHM5oqlT7cfebVMGzVbFZcZ5Ut3H4RVJj7_sfcr6BNdEU-PQP1KdV6wwmrWLAlHbTosB25yHb7y5nlgzw0zEEeIwVCW0WjEA8mp03SX-_d5QNFjeuJGv7t0xzpOmaQwfIAbnO2l70OVGev2KYIQUDZ7q3ZgaSYTdlqdtr52c_6mXVpUKvnuWiU-1GGfYDC1YzfsxDDwm0eEqD9DRvuKsLzv2I7OW0EwJbn_JLpdf0MlbJ0kWTWj5KM1jl5hoa9gqe63k1Ph87eLij4Ic7NfwWw7-f3D89Dsk05LRJfBOaiR45lRuddxzq1CG2T8LNHOjSvaSWjFOFchFj3PcizZzgPXRjWhDHjH5pqFrLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuIrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_1qt3uT9FCVo8_yJ56ZBDoK0hdR8g%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BSNzIeh9Xa3O10MLHXEKjp42Ut-yCL-_L6IPoT9hMxSKEbonlfcmoMQ9uVaRKB1rTexLhzcqz0G-2Kd0qSudLVrui5SA4hlDPZVvwM0iS9XUwSBFzktVDhwpgIX612Wlu1jxqLEE1VIXr-Qe6gqjr96u3F9nxGjfKGfADfpUbBS7JoAhs%26cry%3D1%26dbm_d%3DAKAmf-A_EXTZ3sHUCt8YS2dZDaafohTW4w-WtnmTrEYCtwtKkNhXevQs820EBto0sqc0VsCLWUMRR7oeSp1hK5HhYj7_dUsKtlQa5kvgc6onrHZbBl3FROIWXgnnWqcQx1KH0Fq1xplYch68JSW6En5L9QZuhl8Wxwq9zJrLigwYqOXuWEdWqiHn6NyqpNaNiE9BbpZYBjwiQKWi4vNFrPo-0EmWXP8SkoiS-n-pYu1HI9YSij0G608cDFl6m3fJpA3s74zlHKXi4QgwInuaAAQsDWdOCCvYLQ3yd4Baz_dM4XHXpg1E4Csu8SGphFPT-OFbdX-ONZ5hjPFLaocaLhALgv9r9BTpuHmcTCLpR8vGdkTMc3L8BUoQ72a5OuWOp5RdgWIJQW1f0SmjiCd3RbDZy8GqInyCLy7mebzMk8Nh0fHn5x9TN7qYa8bWCZfgEyw400DAv0uUxPYhVMowhMtbil-LjBdGEW17S9Y4m0DkiLI-US_ZQ3QUgxo-zXZGzTDyd-xQUMvyqYIUUM1KVdbgsm8LIoTBbXv8C_iJCZnySaKxiHBOjIM-iXBjFEF3fyXnz4Bimktq%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=3147218723056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 05 Dec 2023 22:16:04 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 12 Dec 2023 22:16:04 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 3BB1 		0
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=92615400245745004444994012529008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG-JiIqFvZb7aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0CiNgOJc2ZIP_jvMwDEdrVrgFkOxRkueoRd2Z7y3BZXfcVfHM5oqlT7cfebVMGzVbFZcZ5Ut3H4RVJj7_sfcr6BNdEU-PQP1KdV6wwmrWLAlHbTosB25yHb7y5nlgzw0zEEeIwVCW0WjEA8mp03SX-_d5QNFjeuJGv7t0xzpOmaQwfIAbnO2l70OVGev2KYIQUDZ7q3ZgaSYTdlqdtr52c_6mXVpUKvnuWiU-1GGfYDC1YzfsxDDwm0eEqD9DRvuKsLzv2I7OW0EwJbn_JLpdf0MlbJ0kWTWj5KM1jl5hoa9gqe63k1Ph87eLij4Ic7NfwWw7-f3D89Dsk05LRJfBOaiR45lRuddxzq1CG2T8LNHOjSvaSWjFOFchFj3PcizZzgPXRjWhDHjH5pqFrLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuIrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_1qt3uT9FCVo8_yJ56ZBDoK0hdR8g%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BSNzIeh9Xa3O10MLHXEKjp42Ut-yCL-_L6IPoT9hMxSKEbonlfcmoMQ9uVaRKB1rTexLhzcqz0G-2Kd0qSudLVrui5SA4hlDPZVvwM0iS9XUwSBFzktVDhwpgIX612Wlu1jxqLEE1VIXr-Qe6gqjr96u3F9nxGjfKGfADfpUbBS7JoAhs%26cry%3D1%26dbm_d%3DAKAmf-A_EXTZ3sHUCt8YS2dZDaafohTW4w-WtnmTrEYCtwtKkNhXevQs820EBto0sqc0VsCLWUMRR7oeSp1hK5HhYj7_dUsKtlQa5kvgc6onrHZbBl3FROIWXgnnWqcQx1KH0Fq1xplYch68JSW6En5L9QZuhl8Wxwq9zJrLigwYqOXuWEdWqiHn6NyqpNaNiE9BbpZYBjwiQKWi4vNFrPo-0EmWXP8SkoiS-n-pYu1HI9YSij0G608cDFl6m3fJpA3s74zlHKXi4QgwInuaAAQsDWdOCCvYLQ3yd4Baz_dM4XHXpg1E4Csu8SGphFPT-OFbdX-ONZ5hjPFLaocaLhALgv9r9BTpuHmcTCLpR8vGdkTMc3L8BUoQ72a5OuWOp5RdgWIJQW1f0SmjiCd3RbDZy8GqInyCLy7mebzMk8Nh0fHn5x9TN7qYa8bWCZfgEyw400DAv0uUxPYhVMowhMtbil-LjBdGEW17S9Y4m0DkiLI-US_ZQ3QUgxo-zXZGzTDyd-xQUMvyqYIUUM1KVdbgsm8LIoTBbXv8C_iJCZnySaKxiHBOjIM-iXBjFEF3fyXnz4Bimktq%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=3147218723056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 3BB1 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=92615400245745004444994012529008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG-JiIqFvZb7aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0CiNgOJc2ZIP_jvMwDEdrVrgFkOxRkueoRd2Z7y3BZXfcVfHM5oqlT7cfebVMGzVbFZcZ5Ut3H4RVJj7_sfcr6BNdEU-PQP1KdV6wwmrWLAlHbTosB25yHb7y5nlgzw0zEEeIwVCW0WjEA8mp03SX-_d5QNFjeuJGv7t0xzpOmaQwfIAbnO2l70OVGev2KYIQUDZ7q3ZgaSYTdlqdtr52c_6mXVpUKvnuWiU-1GGfYDC1YzfsxDDwm0eEqD9DRvuKsLzv2I7OW0EwJbn_JLpdf0MlbJ0kWTWj5KM1jl5hoa9gqe63k1Ph87eLij4Ic7NfwWw7-f3D89Dsk05LRJfBOaiR45lRuddxzq1CG2T8LNHOjSvaSWjFOFchFj3PcizZzgPXRjWhDHjH5pqFrLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuIrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_1qt3uT9FCVo8_yJ56ZBDoK0hdR8g%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BSNzIeh9Xa3O10MLHXEKjp42Ut-yCL-_L6IPoT9hMxSKEbonlfcmoMQ9uVaRKB1rTexLhzcqz0G-2Kd0qSudLVrui5SA4hlDPZVvwM0iS9XUwSBFzktVDhwpgIX612Wlu1jxqLEE1VIXr-Qe6gqjr96u3F9nxGjfKGfADfpUbBS7JoAhs%26cry%3D1%26dbm_d%3DAKAmf-A_EXTZ3sHUCt8YS2dZDaafohTW4w-WtnmTrEYCtwtKkNhXevQs820EBto0sqc0VsCLWUMRR7oeSp1hK5HhYj7_dUsKtlQa5kvgc6onrHZbBl3FROIWXgnnWqcQx1KH0Fq1xplYch68JSW6En5L9QZuhl8Wxwq9zJrLigwYqOXuWEdWqiHn6NyqpNaNiE9BbpZYBjwiQKWi4vNFrPo-0EmWXP8SkoiS-n-pYu1HI9YSij0G608cDFl6m3fJpA3s74zlHKXi4QgwInuaAAQsDWdOCCvYLQ3yd4Baz_dM4XHXpg1E4Csu8SGphFPT-OFbdX-ONZ5hjPFLaocaLhALgv9r9BTpuHmcTCLpR8vGdkTMc3L8BUoQ72a5OuWOp5RdgWIJQW1f0SmjiCd3RbDZy8GqInyCLy7mebzMk8Nh0fHn5x9TN7qYa8bWCZfgEyw400DAv0uUxPYhVMowhMtbil-LjBdGEW17S9Y4m0DkiLI-US_ZQ3QUgxo-zXZGzTDyd-xQUMvyqYIUUM1KVdbgsm8LIoTBbXv8C_iJCZnySaKxiHBOjIM-iXBjFEF3fyXnz4Bimktq%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=3147218723056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 3BB1 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=92615400245745004444994012529008&pv=1
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=429142cf21&subid=&uid=2c978bb2eb74a230&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG-JiIqFvZb7aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0CiNgOJc2ZIP_jvMwDEdrVrgFkOxRkueoRd2Z7y3BZXfcVfHM5oqlT7cfebVMGzVbFZcZ5Ut3H4RVJj7_sfcr6BNdEU-PQP1KdV6wwmrWLAlHbTosB25yHb7y5nlgzw0zEEeIwVCW0WjEA8mp03SX-_d5QNFjeuJGv7t0xzpOmaQwfIAbnO2l70OVGev2KYIQUDZ7q3ZgaSYTdlqdtr52c_6mXVpUKvnuWiU-1GGfYDC1YzfsxDDwm0eEqD9DRvuKsLzv2I7OW0EwJbn_JLpdf0MlbJ0kWTWj5KM1jl5hoa9gqe63k1Ph87eLij4Ic7NfwWw7-f3D89Dsk05LRJfBOaiR45lRuddxzq1CG2T8LNHOjSvaSWjFOFchFj3PcizZzgPXRjWhDHjH5pqFrLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuIrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_1qt3uT9FCVo8_yJ56ZBDoK0hdR8g%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BSNzIeh9Xa3O10MLHXEKjp42Ut-yCL-_L6IPoT9hMxSKEbonlfcmoMQ9uVaRKB1rTexLhzcqz0G-2Kd0qSudLVrui5SA4hlDPZVvwM0iS9XUwSBFzktVDhwpgIX612Wlu1jxqLEE1VIXr-Qe6gqjr96u3F9nxGjfKGfADfpUbBS7JoAhs%26cry%3D1%26dbm_d%3DAKAmf-A_EXTZ3sHUCt8YS2dZDaafohTW4w-WtnmTrEYCtwtKkNhXevQs820EBto0sqc0VsCLWUMRR7oeSp1hK5HhYj7_dUsKtlQa5kvgc6onrHZbBl3FROIWXgnnWqcQx1KH0Fq1xplYch68JSW6En5L9QZuhl8Wxwq9zJrLigwYqOXuWEdWqiHn6NyqpNaNiE9BbpZYBjwiQKWi4vNFrPo-0EmWXP8SkoiS-n-pYu1HI9YSij0G608cDFl6m3fJpA3s74zlHKXi4QgwInuaAAQsDWdOCCvYLQ3yd4Baz_dM4XHXpg1E4Csu8SGphFPT-OFbdX-ONZ5hjPFLaocaLhALgv9r9BTpuHmcTCLpR8vGdkTMc3L8BUoQ72a5OuWOp5RdgWIJQW1f0SmjiCd3RbDZy8GqInyCLy7mebzMk8Nh0fHn5x9TN7qYa8bWCZfgEyw400DAv0uUxPYhVMowhMtbil-LjBdGEW17S9Y4m0DkiLI-US_ZQ3QUgxo-zXZGzTDyd-xQUMvyqYIUUM1KVdbgsm8LIoTBbXv8C_iJCZnySaKxiHBOjIM-iXBjFEF3fyXnz4Bimktq%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=3147218723056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:04 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D484 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3CO7JKFvZbgS8pqO7A_OlavQAwAAAAA4AeAEAg&bg=!1dal1pnNAAY3kmNgF5I7ADQBe5WfOCtoW1IMrsbGpAXIZmIHWIvd4WEQYxedLSPnFDVx6kLwPZTWjojl_YSxbA7fA8sVAgAAAENSAAAAAWgBB5kDEY6VDyhb2lEMfQhTO892aTA3yCe2kwY5bQygC5Y7gUFinYpEb2q0eHLKPwr_M1Tp4Rt5DPXC40oHusdH52otWDRS_CxsgvHQbdRaOvmsj5ty2n2NN0HF2efoSEFq5U6_QAnN5G345OuJsvW1wKcG3Bmwtcnjpa9drLt-Ra5bKYlnXJoDHVL55_FsWlPtbNPtJL8hqebmrBjQdsXE-bG3vP6hxHjVjidg9UZ65VuEO1q4ldZscSFP2ZWdjxG6RX0htK_n2Zrg-C4dnM0YUU5oeS-e8fN__AVfamhJGmV0REAXqIbTQyiYLoD_RslCVwyF0Pxk7Ic0bNsdJx1T8gfR2gK0C-NnDpMWSrGKfLwZrTgcFonK_ykJqxe-URzdfbSJfTSqujhfXnk5K6z0kFxZn04ua4aq5uMSvXGgH8kMM8shSwfMAjkoYw-hDEYXnfOy6y6gpnmxd4p4qK4VnBdcFS38fpDEpFMwNHPfHkgBITWe63gNWhmruEblG5udvM9cUHZsd0G1gn4lm1lW07KY7i56TEP-25z9xn4p-_M6sST5g0H9sPMXlAV4QOHLcMid_EO9ZCnyqa38cMI441NMXrI_A5IPB5IANfh8m4HQKkJSzLsdTPTkMGxu0zDYsravmh4gYGVZoT4XXjdnwwKGg5PhUeatWK_2981Nkiwm24qAae18R-lwRMGeqcEAs5NClXL5QsMfFV2FIcpNSrdBXSvVj_eCFM4Qj20jybyGsktY-MRM8sCtPSvMGCleGsda7k8XmMBn6mjIXWPxxDSlWww1WKTtuPioz47TLH10DDA9JX8YMKVLlh2UQdJA2PBRjl0pGLq87eMfuUqQO3q30PLLLm1y_Mv7_9TyBgf1-fBHkACidYr9UCVi8cTK4XAfR_n9chBz0d2VvgGOZ46KBZMucjS6OYF2otTBcMi46pvhxdoMNVQxyrtUS8apmGqzsK8DTIRympAe5o-QbQlIJfuG625xAmcDuLqLz83rfz7AuF_ivTsyxbNMS7ApTZgkj9OIqFl2mvpY-jCcYRBQCUAA
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B1EF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BECRQJKFvZeDEAfHH1PIPt56eqAkAAAAAOAHgBAI&bg=!v7ylvPPNAAY3kmNgF5I7ADQBe5WfOLBHyU5hBmu39-t43auvanupaBIliTJ6utTIwnf-vSyUyX2NmUG3uUaI9rvvC1gtAgAAADxSAAAAAmgBB5kDGHuSfXcbf5NfZZ4jJYAsC6OW4D7vA371AlAOV9nJiDHvZ-HPgxUfVCURCuG7-BpbWXID7OzoKFdB-mnPYhG09p7x30260LK0Ib8SjHYygWtTwvj8gTl15hzVc0TxW8wvYeDdYF_1w8na7BSqZg0aX3dKH5B1T26f5YuXc3QNVWtUGn1zFSJMIl3Ous7z8nCR_SynSxcDVlNCBDYr_F_bkvJKLnr0E1rBE20sYYcJf2yTeCdnSRBxJgnHcsIJiLxo8mcwIwir-JUdpjZDk62KkVxXNlSErnjRE9TNmfnOFt1Mo8C6sX3DRgdXvI3uA1Q1ltbs-mraBkoPeCIlF2B4pX9KHkUvBffLC0_vQFF_BLjZ3_m8ZqJoLLemNy-krUJTZ_JC5ExYnOK_WxTOQ2Ack5eztBu0coktpJf3zgtgPlYx3xdOrebPBPTuoke4zx9o5oV2hWzBxsoJohoJfi5n2pfA4rjq5FVDQVs-yXxIqdQrEHtoCgNcv2zRQrPuj_kDsxNoGP1yMl6s5nQxAmayHgtkolIPKW7oh9HhP_MPu7EbxyWxtjW0xh6jdPJNTnN10XItBzQKOzdr07B3gLHwIvcGL6WaIqhIts_5hWobpCMbrsh8DanKpha76ZI8Q7jwgXRIop-f7sb07zA8TGieWpMG5dOkAKQ_On4bkBEah5p5Ns_vaW4SDmvnCk_uGsSI0YRd0SPJ2nKkGmfJaDdV5ue1DjOHor1Jzs6ZKKEtWauPyVolMQyaogjqFI1S4ufAMWH387HY1ICtqKGuL3Tf9S060VFpNf4YrJehjsYjby-SC68dwMnMtEGWL168TcG3K__5owK0MLURrzwobFiDh_r3D3ZjGuct3DoXzbVt9gn29d0iqUSvqWrCMDSG_-9iNrKI3p4x4NCnq9OGq7P1o5MnG-oLKHtivBUr03PpgYQNogGnfQnr7gZtrIa443eUkOXxwfKXVkKhFFQIO2IbpPCf38M1PEFwVAYbpNvYUgyuBGYTcpDvtTr9sv0D1-AycjlBweX9S8TcEvjCuqrVoaPwm3cUcTzHfg
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame E642 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=82044700193646804444994012529025&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIKRWIqFvZb_aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0GaPMgbKIFyxZeRdsD4HhFHIqIzM5eNbzt-CLGWIrxFU2_na5kxmxS2K7N7WWl2p9UNk-E2-OIA8tzQGFvSac7RmYRUfWpu6aHmyBtzogWcJ8eHExjky0ktS7DNve-oBANMuH6dumKDsCX-Vm0zcA-NuoNXNrjrEgyVZROzDlN7Zm72ReyJQiuqVM0eEgUlJyc3HNofy1JqGCMXzC4HjDIdInwh9ua8ozZytUCbp18ZwkfXe5OE1kOVYJ4p_JkdG601KfhFxmREfYbxJpBx0QhWhkrqxZ-lCMIamZVpsFk8d6ca3GUiGuYDeUzit6P-DHve9YDKgbv3d4CmwpkQoFCYq56EeRaKrtbxT1tRGG_774jLpoJLsmlsea1BIzGWZ-obmsvHXpXhJ46XYz0XABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuYrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_27NqC_q52rkZgZkvdjsAbpq1VWvQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-B0_VUE1WDnGaaIbdT6VtYKWtlgfDMrfLsi6RSElaID95CsYKnE1FW7zaVZDruFn2EnrbRoxpP_ZwmX4fe_V2UPgzFRGnWut90kMjeesC9aiqqp413Y44RCI3G2X37ko89CCWpg9QR164qUJiUbTEpj6I7NkoqgiCfdqqCgVIeFKlMInqo%26cry%3D1%26dbm_d%3DAKAmf-D5pqqucCx5s2vSNUNkvMT0sPkHTeFZBx1fLZyQXoRKlJ68F_g3fkP0EpvclCgDdgL8zb_rcuWygwQaLWUyXH22ZW9LcUkVrw9LO-PdY0I7o60CDrcrue9jOns19Tz9MZrU7BvWIjfXMgJMVnhdtHsGhm59g3MHfyInaD6PpVFt-wk2yaZDpYAL9kAdPuA-5_tMPlPP_HiF-WuifKvhzaEGXPp6ImLpCPgNUiQG1xyFuHqLO5gBfD3R4ZhiiHiz8xPmNx5xw24qExcdwWykOsFaX0yUl0dul532ydyAJnaEKJXPtsPeAFLDLKsiDjingG2urz4l5uXfLMTCvgz0aQVkZq0epIxAcL2vZmf1Pu-MQSdN7Q5UFUz6rOd8nRfIN1BQ-EActyVd2Mcvy9nlAJlbUaSQ7osyVSthxrTAyDZwV_C7nuE6OkYv2eT2uH46sVI8Pm7zinjLhPWucNTXFh7EbZhBS5QuVzgAv1azMRQs5yqdVHLbnByhlZPNAaC0eZuHV6u9ilNbaSeZyqxB7Uhi0Eti4HxZMJL0WRCWBBKvPxRIwZt3MybP27IkbVaEDuCQbpkm%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=4245406539549&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Tue, 05 Dec 2023 22:16:04 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
/
adv.office-partner.de/ Frame DDAB 		930 B
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIKRWIqFvZb_aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0GaPMgbKIFyxZeRdsD4HhFHIqIzM5eNbzt-CLGWIrxFU2_na5kxmxS2K7N7WWl2p9UNk-E2-OIA8tzQGFvSac7RmYRUfWpu6aHmyBtzogWcJ8eHExjky0ktS7DNve-oBANMuH6dumKDsCX-Vm0zcA-NuoNXNrjrEgyVZROzDlN7Zm72ReyJQiuqVM0eEgUlJyc3HNofy1JqGCMXzC4HjDIdInwh9ua8ozZytUCbp18ZwkfXe5OE1kOVYJ4p_JkdG601KfhFxmREfYbxJpBx0QhWhkrqxZ-lCMIamZVpsFk8d6ca3GUiGuYDeUzit6P-DHve9YDKgbv3d4CmwpkQoFCYq56EeRaKrtbxT1tRGG_774jLpoJLsmlsea1BIzGWZ-obmsvHXpXhJ46XYz0XABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuYrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_27NqC_q52rkZgZkvdjsAbpq1VWvQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-B0_VUE1WDnGaaIbdT6VtYKWtlgfDMrfLsi6RSElaID95CsYKnE1FW7zaVZDruFn2EnrbRoxpP_ZwmX4fe_V2UPgzFRGnWut90kMjeesC9aiqqp413Y44RCI3G2X37ko89CCWpg9QR164qUJiUbTEpj6I7NkoqgiCfdqqCgVIeFKlMInqo%26cry%3D1%26dbm_d%3DAKAmf-D5pqqucCx5s2vSNUNkvMT0sPkHTeFZBx1fLZyQXoRKlJ68F_g3fkP0EpvclCgDdgL8zb_rcuWygwQaLWUyXH22ZW9LcUkVrw9LO-PdY0I7o60CDrcrue9jOns19Tz9MZrU7BvWIjfXMgJMVnhdtHsGhm59g3MHfyInaD6PpVFt-wk2yaZDpYAL9kAdPuA-5_tMPlPP_HiF-WuifKvhzaEGXPp6ImLpCPgNUiQG1xyFuHqLO5gBfD3R4ZhiiHiz8xPmNx5xw24qExcdwWykOsFaX0yUl0dul532ydyAJnaEKJXPtsPeAFLDLKsiDjingG2urz4l5uXfLMTCvgz0aQVkZq0epIxAcL2vZmf1Pu-MQSdN7Q5UFUz6rOd8nRfIN1BQ-EActyVd2Mcvy9nlAJlbUaSQ7osyVSthxrTAyDZwV_C7nuE6OkYv2eT2uH46sVI8Pm7zinjLhPWucNTXFh7EbZhBS5QuVzgAv1azMRQs5yqdVHLbnByhlZPNAaC0eZuHV6u9ilNbaSeZyqxB7Uhi0Eti4HxZMJL0WRCWBBKvPxRIwZt3MybP27IkbVaEDuCQbpkm%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=4245406539549&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 05 Dec 2023 22:16:04 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 12 Dec 2023 22:16:04 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame F355 		0
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=82044700193646804444994012529025&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIKRWIqFvZb_aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0GaPMgbKIFyxZeRdsD4HhFHIqIzM5eNbzt-CLGWIrxFU2_na5kxmxS2K7N7WWl2p9UNk-E2-OIA8tzQGFvSac7RmYRUfWpu6aHmyBtzogWcJ8eHExjky0ktS7DNve-oBANMuH6dumKDsCX-Vm0zcA-NuoNXNrjrEgyVZROzDlN7Zm72ReyJQiuqVM0eEgUlJyc3HNofy1JqGCMXzC4HjDIdInwh9ua8ozZytUCbp18ZwkfXe5OE1kOVYJ4p_JkdG601KfhFxmREfYbxJpBx0QhWhkrqxZ-lCMIamZVpsFk8d6ca3GUiGuYDeUzit6P-DHve9YDKgbv3d4CmwpkQoFCYq56EeRaKrtbxT1tRGG_774jLpoJLsmlsea1BIzGWZ-obmsvHXpXhJ46XYz0XABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuYrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_27NqC_q52rkZgZkvdjsAbpq1VWvQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-B0_VUE1WDnGaaIbdT6VtYKWtlgfDMrfLsi6RSElaID95CsYKnE1FW7zaVZDruFn2EnrbRoxpP_ZwmX4fe_V2UPgzFRGnWut90kMjeesC9aiqqp413Y44RCI3G2X37ko89CCWpg9QR164qUJiUbTEpj6I7NkoqgiCfdqqCgVIeFKlMInqo%26cry%3D1%26dbm_d%3DAKAmf-D5pqqucCx5s2vSNUNkvMT0sPkHTeFZBx1fLZyQXoRKlJ68F_g3fkP0EpvclCgDdgL8zb_rcuWygwQaLWUyXH22ZW9LcUkVrw9LO-PdY0I7o60CDrcrue9jOns19Tz9MZrU7BvWIjfXMgJMVnhdtHsGhm59g3MHfyInaD6PpVFt-wk2yaZDpYAL9kAdPuA-5_tMPlPP_HiF-WuifKvhzaEGXPp6ImLpCPgNUiQG1xyFuHqLO5gBfD3R4ZhiiHiz8xPmNx5xw24qExcdwWykOsFaX0yUl0dul532ydyAJnaEKJXPtsPeAFLDLKsiDjingG2urz4l5uXfLMTCvgz0aQVkZq0epIxAcL2vZmf1Pu-MQSdN7Q5UFUz6rOd8nRfIN1BQ-EActyVd2Mcvy9nlAJlbUaSQ7osyVSthxrTAyDZwV_C7nuE6OkYv2eT2uH46sVI8Pm7zinjLhPWucNTXFh7EbZhBS5QuVzgAv1azMRQs5yqdVHLbnByhlZPNAaC0eZuHV6u9ilNbaSeZyqxB7Uhi0Eti4HxZMJL0WRCWBBKvPxRIwZt3MybP27IkbVaEDuCQbpkm%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=4245406539549&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame F355 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=82044700193646804444994012529025&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIKRWIqFvZb_aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0GaPMgbKIFyxZeRdsD4HhFHIqIzM5eNbzt-CLGWIrxFU2_na5kxmxS2K7N7WWl2p9UNk-E2-OIA8tzQGFvSac7RmYRUfWpu6aHmyBtzogWcJ8eHExjky0ktS7DNve-oBANMuH6dumKDsCX-Vm0zcA-NuoNXNrjrEgyVZROzDlN7Zm72ReyJQiuqVM0eEgUlJyc3HNofy1JqGCMXzC4HjDIdInwh9ua8ozZytUCbp18ZwkfXe5OE1kOVYJ4p_JkdG601KfhFxmREfYbxJpBx0QhWhkrqxZ-lCMIamZVpsFk8d6ca3GUiGuYDeUzit6P-DHve9YDKgbv3d4CmwpkQoFCYq56EeRaKrtbxT1tRGG_774jLpoJLsmlsea1BIzGWZ-obmsvHXpXhJ46XYz0XABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuYrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_27NqC_q52rkZgZkvdjsAbpq1VWvQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-B0_VUE1WDnGaaIbdT6VtYKWtlgfDMrfLsi6RSElaID95CsYKnE1FW7zaVZDruFn2EnrbRoxpP_ZwmX4fe_V2UPgzFRGnWut90kMjeesC9aiqqp413Y44RCI3G2X37ko89CCWpg9QR164qUJiUbTEpj6I7NkoqgiCfdqqCgVIeFKlMInqo%26cry%3D1%26dbm_d%3DAKAmf-D5pqqucCx5s2vSNUNkvMT0sPkHTeFZBx1fLZyQXoRKlJ68F_g3fkP0EpvclCgDdgL8zb_rcuWygwQaLWUyXH22ZW9LcUkVrw9LO-PdY0I7o60CDrcrue9jOns19Tz9MZrU7BvWIjfXMgJMVnhdtHsGhm59g3MHfyInaD6PpVFt-wk2yaZDpYAL9kAdPuA-5_tMPlPP_HiF-WuifKvhzaEGXPp6ImLpCPgNUiQG1xyFuHqLO5gBfD3R4ZhiiHiz8xPmNx5xw24qExcdwWykOsFaX0yUl0dul532ydyAJnaEKJXPtsPeAFLDLKsiDjingG2urz4l5uXfLMTCvgz0aQVkZq0epIxAcL2vZmf1Pu-MQSdN7Q5UFUz6rOd8nRfIN1BQ-EActyVd2Mcvy9nlAJlbUaSQ7osyVSthxrTAyDZwV_C7nuE6OkYv2eT2uH46sVI8Pm7zinjLhPWucNTXFh7EbZhBS5QuVzgAv1azMRQs5yqdVHLbnByhlZPNAaC0eZuHV6u9ilNbaSeZyqxB7Uhi0Eti4HxZMJL0WRCWBBKvPxRIwZt3MybP27IkbVaEDuCQbpkm%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=4245406539549&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
cshow.php
www.awin1.com/ Frame F355 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=82044700193646804444994012529025&pv=1
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee47f34bbf&subid=&uid=b5312c7b474c348c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIKRWIqFvZb_aHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0GaPMgbKIFyxZeRdsD4HhFHIqIzM5eNbzt-CLGWIrxFU2_na5kxmxS2K7N7WWl2p9UNk-E2-OIA8tzQGFvSac7RmYRUfWpu6aHmyBtzogWcJ8eHExjky0ktS7DNve-oBANMuH6dumKDsCX-Vm0zcA-NuoNXNrjrEgyVZROzDlN7Zm72ReyJQiuqVM0eEgUlJyc3HNofy1JqGCMXzC4HjDIdInwh9ua8ozZytUCbp18ZwkfXe5OE1kOVYJ4p_JkdG601KfhFxmREfYbxJpBx0QhWhkrqxZ-lCMIamZVpsFk8d6ca3GUiGuYDeUzit6P-DHve9YDKgbv3d4CmwpkQoFCYq56EeRaKrtbxT1tRGG_774jLpoJLsmlsea1BIzGWZ-obmsvHXpXhJ46XYz0XABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuYrco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_27NqC_q52rkZgZkvdjsAbpq1VWvQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-B0_VUE1WDnGaaIbdT6VtYKWtlgfDMrfLsi6RSElaID95CsYKnE1FW7zaVZDruFn2EnrbRoxpP_ZwmX4fe_V2UPgzFRGnWut90kMjeesC9aiqqp413Y44RCI3G2X37ko89CCWpg9QR164qUJiUbTEpj6I7NkoqgiCfdqqCgVIeFKlMInqo%26cry%3D1%26dbm_d%3DAKAmf-D5pqqucCx5s2vSNUNkvMT0sPkHTeFZBx1fLZyQXoRKlJ68F_g3fkP0EpvclCgDdgL8zb_rcuWygwQaLWUyXH22ZW9LcUkVrw9LO-PdY0I7o60CDrcrue9jOns19Tz9MZrU7BvWIjfXMgJMVnhdtHsGhm59g3MHfyInaD6PpVFt-wk2yaZDpYAL9kAdPuA-5_tMPlPP_HiF-WuifKvhzaEGXPp6ImLpCPgNUiQG1xyFuHqLO5gBfD3R4ZhiiHiz8xPmNx5xw24qExcdwWykOsFaX0yUl0dul532ydyAJnaEKJXPtsPeAFLDLKsiDjingG2urz4l5uXfLMTCvgz0aQVkZq0epIxAcL2vZmf1Pu-MQSdN7Q5UFUz6rOd8nRfIN1BQ-EActyVd2Mcvy9nlAJlbUaSQ7osyVSthxrTAyDZwV_C7nuE6OkYv2eT2uH46sVI8Pm7zinjLhPWucNTXFh7EbZhBS5QuVzgAv1azMRQs5yqdVHLbnByhlZPNAaC0eZuHV6u9ilNbaSeZyqxB7Uhi0Eti4HxZMJL0WRCWBBKvPxRIwZt3MybP27IkbVaEDuCQbpkm%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=4245406539549&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:04 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame 3BB1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=92615400245745004444994012529008&nw=1
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.224.52 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-224-52.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
b804eb531a796892c58281db7f65cbad5f08b0282aeab251299ed059b6e130e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
last-modified
Tue, 05 Dec 2023 22:16:04 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 05 Dec 2023 22:17:04 GMT
activityi;dc_pre=CID71qSp-YIDFRrMOwId67QAWw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537
5994599.fls.doubleclick.net/ Frame B616
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CID71qSp-YIDFRrMOwId67QAWw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537?
391 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CID71qSp-YIDFRrMOwId67QAWw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537?
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
3e913baf4253cf630ba90f1e1b4536ac0cef63be67ea620bb650eeab1cb7d783
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:04 GMT
expires
Tue, 05 Dec 2023 22:16:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CID71qSp-YIDFRrMOwId67QAWw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90008.redintelligence.net/ Frame 068B 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request_content.php?s=92615400245745004444994012529008&a=75cf4a59
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ffaa72f10333f6bd37f8c2502986ee6b1d691219ce3d055243fd54e4da7bc96f

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2098
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Dec 2023 22:16:04 GMT
Expires
Tue, 05 Dec 2023 22:16:04 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 3BB1 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41645575f70812a3c6f24e3a8ba2ecf4fcb1318bad79960b1f57aa735a288589

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame DDAB 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f38a2b88411c654b2ceca44317e38678370b4bcf84d6af7ff02a124595047fd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64111
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Dec 2023 22:16:04 GMT
gtm.js
www.googletagmanager.com/ Frame E18A 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f38a2b88411c654b2ceca44317e38678370b4bcf84d6af7ff02a124595047fd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64111
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Dec 2023 22:16:04 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame F6BB 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=68011200211274704444994012529010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=da5907146e&subid=&uid=7ff5408ad15714ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf9EVIqFvZcDaHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0G9cBeQ3PUcOOwLgiLQOsEU7WlDBc8BaVVhq9_BfVvKf4Qp6qaT5meeAPZn0FH8XRWLMKmDYZuYmQ1H3CRHAUBS29-VFErRLcXf0T07LrHsEbEnoClIfWE6N5jVI0ieBvIQKKAgHRiuHNuksY08yxpVGCArBSboH3UZDfP9pR0Gc_aXQD9UGbd9GVvynG9cWHD1gaLo80OzpqP1nqCfX864h4b4t5WjcJZoDpE_VTJYPr0tFqqAHwup3ft7rA8UNNpgsvddtdlWrHwEGDEtj7NR7HNqwy4i9R6rO01lX7i20GzeJllZI2RPCc9GeuYY-x440xzYJ8jpL6HIENBCHxCKIsAXCzC_2Zotaf_V5u81-S7XaySCUpyceZNi183KgSTtnP12O1r_8hn6Y8bzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuorco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_2PFdYhaqCOVn15pD5XJu4l_2PRqw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BXAExbOkjIlU1Xz78r91RyscEICs_kGW433WGX-LX5xQXQAfaTPaDCYXepBRiB9zb4IWPkk86zdpeaJq46VO6lkvdTVOlZW911VgN2ja6dlMCLlMKnkG2xm3ISeltWXnUJQtSaP8AHhBagCgON-ddWN6vzE2B1h-6HVoo0BNScyw4TSPo%26cry%3D1%26dbm_d%3DAKAmf-CcgBdf1ctU7gLXmHzgJjWlEHXSW2k7ci0Fg6vo4puIF22SwdFK8eRABgfgK5zG0zedXvezAo9VjrtvgQA4R2zGiwqQugEKGL5-jb6828wMBnaEbfAooP5jEJ7pvfrEU_d_yesdOsC25XbvnFVCQOuqUp8NngySexmuuG_eN24VxoRjTE2On5SuqWnB3hINAb7VUYHRi7yrWmFTIikUezbhxOuPO0b4CM4fr_MKrq7Jl6lCU-zBoODoSnQ4h_UPjOOBsScSkA7TjyMnewK5jonkgxbfDp4f603d3gqtIXRhV0AQtSLDv3tPoBEwGsVKNtdHxYu3FEto_lzFvcutHmRGrEDfAyuNHeZx74mqZliovTzs-ZorpTtLYBlt0zhcGxzGnRQOtQDJjXwhf67BFl9L_TF0_8opXAT5TB1lEbAranAv9RoOOUJZkfoV36rPAXEKDsk4mz998NOsQIYPojHBGTaJScl-rmTTceE8I7qTc1A12LjaMdAO3SBYSgccWh75-NitbfHEeAyI9-Vq5wQ7HRdtYpyrvJ38zoX7abcfPLfLU784aqj0nUP9izE3HWuXwqhA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=2102712599251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Tue, 05 Dec 2023 22:16:04 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
/
adv.office-partner.de/ Frame 97DB 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=da5907146e&subid=&uid=7ff5408ad15714ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf9EVIqFvZcDaHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0G9cBeQ3PUcOOwLgiLQOsEU7WlDBc8BaVVhq9_BfVvKf4Qp6qaT5meeAPZn0FH8XRWLMKmDYZuYmQ1H3CRHAUBS29-VFErRLcXf0T07LrHsEbEnoClIfWE6N5jVI0ieBvIQKKAgHRiuHNuksY08yxpVGCArBSboH3UZDfP9pR0Gc_aXQD9UGbd9GVvynG9cWHD1gaLo80OzpqP1nqCfX864h4b4t5WjcJZoDpE_VTJYPr0tFqqAHwup3ft7rA8UNNpgsvddtdlWrHwEGDEtj7NR7HNqwy4i9R6rO01lX7i20GzeJllZI2RPCc9GeuYY-x440xzYJ8jpL6HIENBCHxCKIsAXCzC_2Zotaf_V5u81-S7XaySCUpyceZNi183KgSTtnP12O1r_8hn6Y8bzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuorco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_2PFdYhaqCOVn15pD5XJu4l_2PRqw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BXAExbOkjIlU1Xz78r91RyscEICs_kGW433WGX-LX5xQXQAfaTPaDCYXepBRiB9zb4IWPkk86zdpeaJq46VO6lkvdTVOlZW911VgN2ja6dlMCLlMKnkG2xm3ISeltWXnUJQtSaP8AHhBagCgON-ddWN6vzE2B1h-6HVoo0BNScyw4TSPo%26cry%3D1%26dbm_d%3DAKAmf-CcgBdf1ctU7gLXmHzgJjWlEHXSW2k7ci0Fg6vo4puIF22SwdFK8eRABgfgK5zG0zedXvezAo9VjrtvgQA4R2zGiwqQugEKGL5-jb6828wMBnaEbfAooP5jEJ7pvfrEU_d_yesdOsC25XbvnFVCQOuqUp8NngySexmuuG_eN24VxoRjTE2On5SuqWnB3hINAb7VUYHRi7yrWmFTIikUezbhxOuPO0b4CM4fr_MKrq7Jl6lCU-zBoODoSnQ4h_UPjOOBsScSkA7TjyMnewK5jonkgxbfDp4f603d3gqtIXRhV0AQtSLDv3tPoBEwGsVKNtdHxYu3FEto_lzFvcutHmRGrEDfAyuNHeZx74mqZliovTzs-ZorpTtLYBlt0zhcGxzGnRQOtQDJjXwhf67BFl9L_TF0_8opXAT5TB1lEbAranAv9RoOOUJZkfoV36rPAXEKDsk4mz998NOsQIYPojHBGTaJScl-rmTTceE8I7qTc1A12LjaMdAO3SBYSgccWh75-NitbfHEeAyI9-Vq5wQ7HRdtYpyrvJ38zoX7abcfPLfLU784aqj0nUP9izE3HWuXwqhA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=2102712599251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 05 Dec 2023 22:16:04 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 12 Dec 2023 22:16:04 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 12D0 		0
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=68011200211274704444994012529010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=da5907146e&subid=&uid=7ff5408ad15714ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf9EVIqFvZcDaHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0G9cBeQ3PUcOOwLgiLQOsEU7WlDBc8BaVVhq9_BfVvKf4Qp6qaT5meeAPZn0FH8XRWLMKmDYZuYmQ1H3CRHAUBS29-VFErRLcXf0T07LrHsEbEnoClIfWE6N5jVI0ieBvIQKKAgHRiuHNuksY08yxpVGCArBSboH3UZDfP9pR0Gc_aXQD9UGbd9GVvynG9cWHD1gaLo80OzpqP1nqCfX864h4b4t5WjcJZoDpE_VTJYPr0tFqqAHwup3ft7rA8UNNpgsvddtdlWrHwEGDEtj7NR7HNqwy4i9R6rO01lX7i20GzeJllZI2RPCc9GeuYY-x440xzYJ8jpL6HIENBCHxCKIsAXCzC_2Zotaf_V5u81-S7XaySCUpyceZNi183KgSTtnP12O1r_8hn6Y8bzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuorco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_2PFdYhaqCOVn15pD5XJu4l_2PRqw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BXAExbOkjIlU1Xz78r91RyscEICs_kGW433WGX-LX5xQXQAfaTPaDCYXepBRiB9zb4IWPkk86zdpeaJq46VO6lkvdTVOlZW911VgN2ja6dlMCLlMKnkG2xm3ISeltWXnUJQtSaP8AHhBagCgON-ddWN6vzE2B1h-6HVoo0BNScyw4TSPo%26cry%3D1%26dbm_d%3DAKAmf-CcgBdf1ctU7gLXmHzgJjWlEHXSW2k7ci0Fg6vo4puIF22SwdFK8eRABgfgK5zG0zedXvezAo9VjrtvgQA4R2zGiwqQugEKGL5-jb6828wMBnaEbfAooP5jEJ7pvfrEU_d_yesdOsC25XbvnFVCQOuqUp8NngySexmuuG_eN24VxoRjTE2On5SuqWnB3hINAb7VUYHRi7yrWmFTIikUezbhxOuPO0b4CM4fr_MKrq7Jl6lCU-zBoODoSnQ4h_UPjOOBsScSkA7TjyMnewK5jonkgxbfDp4f603d3gqtIXRhV0AQtSLDv3tPoBEwGsVKNtdHxYu3FEto_lzFvcutHmRGrEDfAyuNHeZx74mqZliovTzs-ZorpTtLYBlt0zhcGxzGnRQOtQDJjXwhf67BFl9L_TF0_8opXAT5TB1lEbAranAv9RoOOUJZkfoV36rPAXEKDsk4mz998NOsQIYPojHBGTaJScl-rmTTceE8I7qTc1A12LjaMdAO3SBYSgccWh75-NitbfHEeAyI9-Vq5wQ7HRdtYpyrvJ38zoX7abcfPLfLU784aqj0nUP9izE3HWuXwqhA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=2102712599251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 12D0 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=68011200211274704444994012529010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=da5907146e&subid=&uid=7ff5408ad15714ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf9EVIqFvZcDaHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0G9cBeQ3PUcOOwLgiLQOsEU7WlDBc8BaVVhq9_BfVvKf4Qp6qaT5meeAPZn0FH8XRWLMKmDYZuYmQ1H3CRHAUBS29-VFErRLcXf0T07LrHsEbEnoClIfWE6N5jVI0ieBvIQKKAgHRiuHNuksY08yxpVGCArBSboH3UZDfP9pR0Gc_aXQD9UGbd9GVvynG9cWHD1gaLo80OzpqP1nqCfX864h4b4t5WjcJZoDpE_VTJYPr0tFqqAHwup3ft7rA8UNNpgsvddtdlWrHwEGDEtj7NR7HNqwy4i9R6rO01lX7i20GzeJllZI2RPCc9GeuYY-x440xzYJ8jpL6HIENBCHxCKIsAXCzC_2Zotaf_V5u81-S7XaySCUpyceZNi183KgSTtnP12O1r_8hn6Y8bzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuorco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_2PFdYhaqCOVn15pD5XJu4l_2PRqw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BXAExbOkjIlU1Xz78r91RyscEICs_kGW433WGX-LX5xQXQAfaTPaDCYXepBRiB9zb4IWPkk86zdpeaJq46VO6lkvdTVOlZW911VgN2ja6dlMCLlMKnkG2xm3ISeltWXnUJQtSaP8AHhBagCgON-ddWN6vzE2B1h-6HVoo0BNScyw4TSPo%26cry%3D1%26dbm_d%3DAKAmf-CcgBdf1ctU7gLXmHzgJjWlEHXSW2k7ci0Fg6vo4puIF22SwdFK8eRABgfgK5zG0zedXvezAo9VjrtvgQA4R2zGiwqQugEKGL5-jb6828wMBnaEbfAooP5jEJ7pvfrEU_d_yesdOsC25XbvnFVCQOuqUp8NngySexmuuG_eN24VxoRjTE2On5SuqWnB3hINAb7VUYHRi7yrWmFTIikUezbhxOuPO0b4CM4fr_MKrq7Jl6lCU-zBoODoSnQ4h_UPjOOBsScSkA7TjyMnewK5jonkgxbfDp4f603d3gqtIXRhV0AQtSLDv3tPoBEwGsVKNtdHxYu3FEto_lzFvcutHmRGrEDfAyuNHeZx74mqZliovTzs-ZorpTtLYBlt0zhcGxzGnRQOtQDJjXwhf67BFl9L_TF0_8opXAT5TB1lEbAranAv9RoOOUJZkfoV36rPAXEKDsk4mz998NOsQIYPojHBGTaJScl-rmTTceE8I7qTc1A12LjaMdAO3SBYSgccWh75-NitbfHEeAyI9-Vq5wQ7HRdtYpyrvJ38zoX7abcfPLfLU784aqj0nUP9izE3HWuXwqhA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=2102712599251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 12D0 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=68011200211274704444994012529010&pv=1
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=da5907146e&subid=&uid=7ff5408ad15714ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf9EVIqFvZcDaHOHL9u8Pt5Ch4Aem5b2gab2TnKfJD_AuEAEgjeS9KWCV4pCCoAfIAQmpAuYyFxa4JbI-qAMByAObBKoErwJP0G9cBeQ3PUcOOwLgiLQOsEU7WlDBc8BaVVhq9_BfVvKf4Qp6qaT5meeAPZn0FH8XRWLMKmDYZuYmQ1H3CRHAUBS29-VFErRLcXf0T07LrHsEbEnoClIfWE6N5jVI0ieBvIQKKAgHRiuHNuksY08yxpVGCArBSboH3UZDfP9pR0Gc_aXQD9UGbd9GVvynG9cWHD1gaLo80OzpqP1nqCfX864h4b4t5WjcJZoDpE_VTJYPr0tFqqAHwup3ft7rA8UNNpgsvddtdlWrHwEGDEtj7NR7HNqwy4i9R6rO01lX7i20GzeJllZI2RPCc9GeuYY-x440xzYJ8jpL6HIENBCHxCKIsAXCzC_2Zotaf_V5u81-S7XaySCUpyceZNi183KgSTtnP12O1r_8hn6Y8bzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYwLfbo6n5ggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIuorco6n5ggMV4aX9Bx03SAh8sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ%26sig%3DAOD64_2PFdYhaqCOVn15pD5XJu4l_2PRqw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BXAExbOkjIlU1Xz78r91RyscEICs_kGW433WGX-LX5xQXQAfaTPaDCYXepBRiB9zb4IWPkk86zdpeaJq46VO6lkvdTVOlZW911VgN2ja6dlMCLlMKnkG2xm3ISeltWXnUJQtSaP8AHhBagCgON-ddWN6vzE2B1h-6HVoo0BNScyw4TSPo%26cry%3D1%26dbm_d%3DAKAmf-CcgBdf1ctU7gLXmHzgJjWlEHXSW2k7ci0Fg6vo4puIF22SwdFK8eRABgfgK5zG0zedXvezAo9VjrtvgQA4R2zGiwqQugEKGL5-jb6828wMBnaEbfAooP5jEJ7pvfrEU_d_yesdOsC25XbvnFVCQOuqUp8NngySexmuuG_eN24VxoRjTE2On5SuqWnB3hINAb7VUYHRi7yrWmFTIikUezbhxOuPO0b4CM4fr_MKrq7Jl6lCU-zBoODoSnQ4h_UPjOOBsScSkA7TjyMnewK5jonkgxbfDp4f603d3gqtIXRhV0AQtSLDv3tPoBEwGsVKNtdHxYu3FEto_lzFvcutHmRGrEDfAyuNHeZx74mqZliovTzs-ZorpTtLYBlt0zhcGxzGnRQOtQDJjXwhf67BFl9L_TF0_8opXAT5TB1lEbAranAv9RoOOUJZkfoV36rPAXEKDsk4mz998NOsQIYPojHBGTaJScl-rmTTceE8I7qTc1A12LjaMdAO3SBYSgccWh75-NitbfHEeAyI9-Vq5wQ7HRdtYpyrvJ38zoX7abcfPLfLU784aqj0nUP9izE3HWuXwqhA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.catolicoorante.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.catolicoorante.com.br&random=2102712599251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:04 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame F355 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=82044700193646804444994012529025&nw=1
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.224.52 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-224-52.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
28270ba158aeb18ed8b241a790fc19bc5da2ff2e1b42fa90c75fab6f22dc0ccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
last-modified
Tue, 05 Dec 2023 22:16:04 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 05 Dec 2023 22:17:04 GMT
activityi;dc_pre=COqE1qSp-YIDFUDMOwIdzlgLEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945
5994599.fls.doubleclick.net/ Frame DCB3
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COqE1qSp-YIDFUDMOwIdzlgLEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945?
391 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=COqE1qSp-YIDFUDMOwIdzlgLEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945?
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
aa06d3db5653d1e306342045f06b058e41ca9668a2a1b388ce786623366b1f1e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:04 GMT
expires
Tue, 05 Dec 2023 22:16:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=COqE1qSp-YIDFUDMOwIdzlgLEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900025.redintelligence.net/ Frame 0657 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request_content.php?s=82044700193646804444994012529025&a=8992b0d9
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
174e4500b77f8caeaf26632e5433a6da7008ab90d382b6ffddb89a15f38b0ee4

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2100
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Dec 2023 22:16:04 GMT
Expires
Tue, 05 Dec 2023 22:16:04 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame F355 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4882a02f12ec679eeb0c37707b4350747338245f99691e5d024a9072c9945c39

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 068B 		5 KB
778 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=92615400245745004444994012529008&a=75cf4a59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 21:16:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 22:16:04 GMT
/
hal9000.redintelligence.net/scale/ Frame 068B 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=92615400245745004444994012529008&a=75cf4a59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
cd7bf462b6cfc23a7f953c929ab7323ebd138557eb332e986880738ae877bb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16982
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 068B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=92615400245745004444994012529008&a=75cf4a59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
f6e70758a795a781a44892608ef5344c8c6341c12dfa8fec6950453bcf3a0b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16515
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 068B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=92615400245745004444994012529008&a=75cf4a59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
aa4129b5f4748777aa858cc39542e0f4963cc136a620c06873da8e7260285e87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10940
Vary
Accept-Encoding
Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame 97DB 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b151aa89ada97e5a8be0b3a553add1e9c8ce3688f21fb0d5a6465c5cd333e504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64115
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Dec 2023 22:16:04 GMT
link.html
track.webgains.com/ Frame 12D0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=68011200211274704444994012529010&nw=1
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.224.52 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-224-52.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
b8cf1ecbe148cb6469eabe9b78757b1f04b380ddf16a3f148682880fa489fa11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
last-modified
Tue, 05 Dec 2023 22:16:04 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 05 Dec 2023 22:17:04 GMT
activityi;dc_pre=CPbo3KSp-YIDFYzaOwIdurAH-w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625
5994599.fls.doubleclick.net/ Frame DC8E
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPbo3KSp-YIDFYzaOwIdurAH-w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625?
392 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPbo3KSp-YIDFYzaOwIdurAH-w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625?
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
67510a27d1c2028a4d4972e31e7817d3b7b6f5b3f25406b306676d23cdb7a103
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
220
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:04 GMT
expires
Tue, 05 Dec 2023 22:16:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 22:16:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPbo3KSp-YIDFYzaOwIdurAH-w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900010.redintelligence.net/ Frame 56AA 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=68011200211274704444994012529010&a=852ae918
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
494bf33bf5befb24f7bca470bb2e21432f64ad530475f16813553073903f8db5

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2106
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Dec 2023 22:16:04 GMT
Expires
Tue, 05 Dec 2023 22:16:04 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 12D0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15bc67a84c29312fafc7a3cd2d7bc5381595799f8dbce5009e99a0a471a3a06c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 0657 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=82044700193646804444994012529025&a=8992b0d9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 21:58:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 22:16:04 GMT
/
hal9000.redintelligence.net/scale/ Frame 0657 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=82044700193646804444994012529025&a=8992b0d9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
cd7bf462b6cfc23a7f953c929ab7323ebd138557eb332e986880738ae877bb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16982
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 0657 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=82044700193646804444994012529025&a=8992b0d9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
f6e70758a795a781a44892608ef5344c8c6341c12dfa8fec6950453bcf3a0b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16515
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 0657 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=82044700193646804444994012529025&a=8992b0d9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
aa4129b5f4748777aa858cc39542e0f4963cc136a620c06873da8e7260285e87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10940
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal90008.redintelligence.net/ Frame 068B 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=92615400245745004444994012529008&a=6d885b7f&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=92615400245745004444994012529008&a=75cf4a59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=92615400245745004444994012529008&a=75cf4a59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/ Frame DDAB 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
688c0f1eef7a6e5612ad296723308c93b76bc3b4bcbe764acd0b2ee90cfe7f11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93076
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 22:16:04 GMT
js
www.googletagmanager.com/gtag/ Frame E18A 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
688c0f1eef7a6e5612ad296723308c93b76bc3b4bcbe764acd0b2ee90cfe7f11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93076
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 22:16:04 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 068B 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:17:35 GMT
x-content-type-options
nosniff
age
97109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 19:17:35 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 068B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:37:52 GMT
x-content-type-options
nosniff
age
95892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 19:37:52 GMT
css
fonts.googleapis.com/ Frame 56AA 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=68011200211274704444994012529010&a=852ae918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 21:53:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 22:16:04 GMT
/
hal9000.redintelligence.net/scale/ Frame 56AA 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=68011200211274704444994012529010&a=852ae918
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
cd7bf462b6cfc23a7f953c929ab7323ebd138557eb332e986880738ae877bb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16982
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 56AA 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=68011200211274704444994012529010&a=852ae918
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
f6e70758a795a781a44892608ef5344c8c6341c12dfa8fec6950453bcf3a0b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16515
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 56AA 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=68011200211274704444994012529010&a=852ae918
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
aa4129b5f4748777aa858cc39542e0f4963cc136a620c06873da8e7260285e87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10940
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900025.redintelligence.net/ Frame 0657 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/viewability?s=82044700193646804444994012529025&a=9971b3f6&vb=m
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=82044700193646804444994012529025&a=8992b0d9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/request_content.php?s=82044700193646804444994012529025&a=8992b0d9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/ Frame 97DB 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
216ec13187fea4bc4afb2d0dca8390d73dd4d7deaaa195134e0c47558d4a2948
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93075
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 22:16:04 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 0657 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900025.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:17:35 GMT
x-content-type-options
nosniff
age
97109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 19:17:35 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 0657 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900025.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:37:52 GMT
x-content-type-options
nosniff
age
95892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 19:37:52 GMT
csi
csi.gstatic.com/ Frame C7B5 		0
0
viewability
hal900010.redintelligence.net/ Frame 56AA 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=68011200211274704444994012529010&a=f968ef08&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=68011200211274704444994012529010&a=852ae918
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=68011200211274704444994012529010&a=852ae918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:04 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
player
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=104541&tid=30383&v=20&cb=1701814564480&t_dsp_request=453&t_player_start=2371&t_page_load=4580
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
csi
csi.gstatic.com/ Frame C7B5 		0
0
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 56AA 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:17:35 GMT
x-content-type-options
nosniff
age
97109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 19:17:35 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 56AA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:37:52 GMT
x-content-type-options
nosniff
age
95892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 19:37:52 GMT
dc_pre=COqE1qSp-YIDFUDMOwIdzlgLEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945
adservice.google.com/ddm/fls/z/ Frame DCB3 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COqE1qSp-YIDFUDMOwIdzlgLEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COqE1qSp-YIDFUDMOwIdzlgLEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8591514510048.945?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dsp
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=104541&tids=30670&v=20&cb=1701814564501&t_player_start=2392&t_page_load=4602
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
bridge3.607.0_en.html
imasdk.googleapis.com/js/core/ Frame 1D79 		751 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
102053
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246373
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:55:11 GMT
expires
Tue, 03 Dec 2024 17:55:11 GMT
last-modified
Mon, 04 Dec 2023 15:54:30 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame ED3E 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Dec 2023 22:35:04 GMT
dc_pre=CID71qSp-YIDFRrMOwId67QAWw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537
adservice.google.com/ddm/fls/z/ Frame B616 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CID71qSp-YIDFRrMOwId67QAWw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CID71qSp-YIDFRrMOwId67QAWw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8857910644932.537?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 12D0 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=68011200211274704444994012529010&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.176.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-176-108.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 02:36:08 GMT
content-encoding
gzip
via
1.1 cd068397b3367ed727e4988c0cabf85a.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-C1
age
70797
etag
W/"1180a1bfee0aad979766ecd6180b923e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
8zFAbWFP7NmA2qxK7EAjCXXteN0QULCW9mFmTNo1PGkgl8d-zszIFA==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 12D0 		85 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1701814864&Signature=gkJS34A9JiCUivqUN1GNyDioaG4SCaaYiALTouEcUgPohHSoTHy6aOvQGY76~q4PQGBB-Pa4ufVXMUlXdoOtQn5IV17p4n9EghQN7ym2F0Gv7PLyp5OVEsogX~LRdazL7aO6br4NzFnFSAc6GoiadZdPz~vsU~1KE1HIExVLrMtDBhV8L5d4u0FczPi5fN5SRqSsHW7uv5Ai4azcpJzzDCL54YftOOsFMc1rG~aoHsKPmCjQEn9OMEEXIie3xPQc291YxQtKj95oGeuv32CYBgHyVgEXFUWoNUcCgiXIjjEo44eQJiO69xJwcb1jdPjpeUmqO6X5hn~AOORexo6rSQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-76.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:08:23 GMT
x-amz-version-id
null
via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
43662
etag
"70af33d70b6810475aae19743c8c435b"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
h7hG62HXSo_k6uJKcdzy1Pcn--dZSPZCNiZ-6tlr_zJj13eb31_YGw==
pvClk.min.js
analytics.webgains.io/ Frame F355 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=82044700193646804444994012529025&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.176.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-176-108.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 02:36:08 GMT
content-encoding
gzip
via
1.1 cd068397b3367ed727e4988c0cabf85a.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-C1
age
70797
etag
W/"1180a1bfee0aad979766ecd6180b923e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
892PHDiAXKcgwz2cSt5RWJDrRzKfqG4nymsxuJAel5eqy_MFUDytVQ==
1x1.png
cdn.track.production.webgains.team/7121/ Frame F355 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1701814864&Signature=HcFi3Gkp-Kjx-SEJMxg4t99uRLoGJNqB7Y46aZUOgtg8sqr-PMZx5UMYfOk9xd9wGrKx77tC4cVU7zNLN6RKsiys-TJGmz1kYtZ-Fe5JGVSIrjxoy4Yn8XPl0PcwHjPCgTCT07~~CR3~D8hTzwug18Qd83oAIQRFAKDTHclNJapsIzfHSfCwNWnIx3IECT~n~tht9X4wuYQIg-q09oZ3shIHjALiL8lsK2vZJBxvV9M693xlFSFqiTGb2xZ8ryXuljEhuONv~gKeifQ~4R7Tn8TDKSDeDXM2CzriaUiELsEKFaffAItPddie2SsuoVWzDW9fiigv-eMUMqyufmLqOw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
URL: https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-76.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 03:25:52 GMT
x-amz-version-id
null
via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
67813
etag
"4e57de0506fbdb487ffcd53b450caee1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
L4ic7yvRu6p2R0yE-sUVXimWql9FDmkWz7CTucxWAsKE4Do1bxxNgw==
dc_pre=CPbo3KSp-YIDFYzaOwIdurAH-w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625
adservice.google.com/ddm/fls/z/ Frame DC8E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPbo3KSp-YIDFYzaOwIdurAH-w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPbo3KSp-YIDFYzaOwIdurAH-w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2460826182510.5625?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 3BB1 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=92615400245745004444994012529008&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.176.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-176-108.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 02:36:08 GMT
content-encoding
gzip
via
1.1 cd068397b3367ed727e4988c0cabf85a.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-C1
age
70797
etag
W/"1180a1bfee0aad979766ecd6180b923e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
aTAgiME3yNyMFaQmjki_mTwCVlQEOqh-z3gvaNxx8cq9CKyrveHjwA==
1x1.png
cdn.track.production.webgains.team/7121/ Frame 3BB1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1701814864&Signature=HcFi3Gkp-Kjx-SEJMxg4t99uRLoGJNqB7Y46aZUOgtg8sqr-PMZx5UMYfOk9xd9wGrKx77tC4cVU7zNLN6RKsiys-TJGmz1kYtZ-Fe5JGVSIrjxoy4Yn8XPl0PcwHjPCgTCT07~~CR3~D8hTzwug18Qd83oAIQRFAKDTHclNJapsIzfHSfCwNWnIx3IECT~n~tht9X4wuYQIg-q09oZ3shIHjALiL8lsK2vZJBxvV9M693xlFSFqiTGb2xZ8ryXuljEhuONv~gKeifQ~4R7Tn8TDKSDeDXM2CzriaUiELsEKFaffAItPddie2SsuoVWzDW9fiigv-eMUMqyufmLqOw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=92615400245745004444994012529008&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-76.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 03:25:52 GMT
x-amz-version-id
null
via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
67813
etag
"4e57de0506fbdb487ffcd53b450caee1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
Y8ef5CTjiEYlka7neogyKKpoXvaSpefkNzorIJoUsId2hz-8fdpHNg==
ads
pubads.g.doubleclick.net/gampad/ Frame 1D79 		3 KB
934 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C22500435788%2FAdExchangeVideo2%2Fviads.catolicoorante.com.br&description_url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=3823145535091782&&_timestamp=1701814564505&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=2597641499&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814564681&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw&scor=3160155284876581&ged=ve4_td4_tt2_pd4_la4000_er0.0.156.300_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12c21d8cc1514e436200bcad37e648970911f49509baf5ea17582eb87ceb164a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
907
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.catolicoorante.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
ads
pubads.g.doubleclick.net/gampad/ Frame 1D79 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21760922134%2FAdExchangeVideo2%2Fviads.catolicoorante.com.br&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.catolicoorante.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=45000&vrid=1248875&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&adk=2597641499&correlator=3823145535091782&ctv=0&dt=1701814564742&ged=ve4_td4_tt2_pd4_la4000_er0.0.243.432_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.607.0&osd=2&ptt=20&scor=3160155284876581&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&hl=en&frm=0&sdki=445&sdkv=h.3.607.0&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&top=https%3A%2F%2Fwww.catolicoorante.com.br%2F&loc=https%3A%2F%2Fwww.catolicoorante.com.br%2F&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1DCD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8ahNcMBRCyxFALoY5nzqYDXm9tBoZgYgVBEQvnwNGzFBL2hlqlTHSHaqwJlxCx9_dMRTxxLPwYuE9AeHGXsvlEG-v8hMRznCGaIqrR9WJYMuAx4Nx8Y_trUVEJdqZumDLEhyIniuo49Zb&sai=AMfl-YSBujCx7NoINoQBFjTMkOf1WAtAo8H2KHEqAU9sxPdjy2ZIwLC32lVzhyZlKrd1Cdkf7uU7KC6_GVlqulpHuzBiqVAT9eZWsH4ybud1ZWrZ29mwVF6kbDroTpWGvbFdBW3lFq4A2tvv6HOnJ26rrlN4AdFJ3Gq02nxf&sig=Cg0ArKJSzKbZmFmoxcXiEAE&cid=CAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2280894051&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701814563466&rpt=389&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 1D79 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpswga3k&c=1103434022420&slotId=551717011210&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Plant City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1D79 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21760922134%2FAdExchangeVideo2%2Fviads.catolicoorante.com.br&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.catolicoorante.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&lip=true&min_ad_duration=0&max_ad_duration=45000&vrid=1248875&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&adk=2597641499&correlator=3823145535091782&ctv=0&dt=1701814564989&ged=ve4_td4_tt2_pd4_la4000_er0.0.243.432_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.607.0&osd=2&ptt=20&scor=3160155284876581&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&hl=en&frm=0&sdki=445&sdkv=h.3.607.0&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&top=https%3A%2F%2Fwww.catolicoorante.com.br%2F&loc=https%3A%2F%2Fwww.catolicoorante.com.br%2F&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
player
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=104541&tid=30670&v=20&cb=1701814565151&t_dsp_request=650&t_player_start=3042&t_page_load=5252
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
csi
csi.gstatic.com/ Frame 1D79 		0
0
dsp
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=104541&tids=9339&v=20&cb=1701814565156&t_player_start=3047&t_page_load=5256
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
bridge3.607.0_en.html
imasdk.googleapis.com/js/core/ Frame 0055 		751 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
102054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246373
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:55:11 GMT
expires
Tue, 03 Dec 2024 17:55:11 GMT
last-modified
Mon, 04 Dec 2023 15:54:30 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0843 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Dec 2023 22:35:04 GMT
viewability
hal900025.redintelligence.net/ Frame 0657 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/viewability?s=82044700193646804444994012529025&a=9971b3f6&vb=v
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=82044700193646804444994012529025&a=8992b0d9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/request_content.php?s=82044700193646804444994012529025&a=8992b0d9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:05 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4356 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
49072
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 05 Dec 2023 22:16:05 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
341, 300822
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220105-FRA
X-Timer
S1701814566.516445,VS0,VE0
beacon
ap.lijit.com/ Frame F053 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401985
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 05 Dec 2023 22:16:05 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ams1
csync
sync.adtelligent.com/ Frame 67FA
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=139CBC8C5D00E1C6&sp=707647&pb=534151&c=750708&a=754412&domain=https://www.catolicoorante.com.br/&gdpr=...
43 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=139CBC8C5D00E1C6&sp=707647&pb=534151&c=750708&a=754412&domain=https://www.catolicoorante.com.br/&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 05 Dec 2023 22:16:05 GMT
Etag
30125d47f89de344
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 05 Dec 2023 22:16:05 GMT
expires
Tue, 05 Dec 2023 22:16:05 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=139CBC8C5D00E1C6&sp=707647&pb=534151&c=750708&a=754412&domain=https://www.catolicoorante.com.br/&gdpr=0&gdpr_source=&gdpr_consent=
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
cookie
cm.adform.net/ Frame 1F23 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D139CBC8C5D00E1C6%26sp%3D707647%26pb%3D534151%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fwww.catolicoorante.com.br%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Tue, 05 Dec 2023 22:16:05 GMT
server
nginx
pd
u.openx.net/w/1.0/ Frame 655B 		0
71 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 05 Dec 2023 22:16:05 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 47AF 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 05 Dec 2023 22:16:05 GMT
usync.html
eus.rubiconproject.com/ Frame 1BDC 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Dec 2023 22:16:05 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 98BE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1017
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
830fa6ca7dd12c26-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Dec 2023 22:16:05 GMT
expires
Wed, 06 Dec 2023 02:16:05 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame F355 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4UdqGYe54lMfeIRtMHXcak5wOh4En5U0adzBQkd0DJ1XmYTGkku0sr2_amqHN_jU67LI6kzR8gvanoyULlWvropgEWpynPARDGLDGnQarucL4F_kDJZvmIma4yCZ5dQI&sai=AMfl-YS0lZQ48PdiIjFxs2uyuvMknZhMTxPSuLjRoKulEoPi6yNIjdTxNjAJALY4s0f__R-S3tEqBazj-iNPR6VPhGOUIoWqHv2zPN1v13NKLF9-pj0xS6I9p3sLC3I5ZyLhk73Eb2PDocsgEyB9on6somOfHlDlfxd3ycT9&sig=Cg0ArKJSzOoaPg7D4SYqEAE&cid=CAQSTwDICaaNpkE8VVc0v8G_0QxbWWI-pouQ8LyZX0Yew2a_bH9tqrBrEHuh8gUpNFJQQv53r4hvDkHZHEpjmD4HvMVZrdjfXVhZCfaSv_3gnJYYAQ&id=lidar2&mcvt=1120&p=430,1064,710,1400&mtos=1120,1120,1120,1120,1120&tos=1120,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2496449170&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701814563499&rpt=866&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame F355 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 05 Dec 2023 22:16:05 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 12D0 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 05 Dec 2023 22:16:05 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 3BB1 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 05 Dec 2023 22:16:05 GMT
server
nginx
usync.js
eus.rubiconproject.com/ Frame 1BDC 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
96fe9ca0bdf99e0ac4dbccecdf21a0908da690de37f89f6fa0c790d3167aa47c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Dec 2023 12:00:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49470
Connection
keep-alive
Content-Length
13236
Expires
Wed, 06 Dec 2023 12:00:35 GMT
async_usersync
ib.adnxs.com/ Frame 4356 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:05 GMT
an-x-request-uuid
c0041427-ae8b-413e-9e14-8f210045007b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.133; 138.199.38.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 739D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eebdf1f072361b2f920598bb429d9fa13dcfb063f0267dbebf35df35dd5d7908

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
830fa6cb1bec9034-FRA
content-encoding
br
content-type
text/html
date
Tue, 05 Dec 2023 22:16:05 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PktoQUpOGAZRbVmlzVM4bmcPS2kK6PP3sjh%2F9q2wl8nkfZf%2BNg0KgOlTP1sKv%2FvbP0bG9pNzgUgqyhROzc30M8VYIMaaDyFj8fvmTThBefyNyUeC7r8CTiQTC1H9niAmM645Q6DjEOm4Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ads
pubads.g.doubleclick.net/gampad/ Frame 0055 		0
0
khaos.json
token.rubiconproject.com/ Frame 1BDC 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 739D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGanCDUcxh9pgQy2kF7Ww5w&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGanCDUcxh9pgQy2kF7Ww5w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WeTxxFtljsshjJW7IsmGfYV5w37A%2Fj0wP1aJsSdyIfBf3vlMdRpr1SBP28wKQ3xHlWuoQxg9nDlL2VstJxvZx3IQmXGxUxEZcVM9uW8bpNDwiawhJNWi1rojdcEvbseQRfM3kD5q%2B8z3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830fa6cb6d573a9a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGanCDUcxh9pgQy2kF7Ww5w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i6.liadm.com/s/ Frame 739D
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZW.hI9rtvCrs9QKlZ6LNogAA%263181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZW.hI9rtvCrs9QKlZ6LNogAA%263181&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=952aca83cf3d448a872a67514a679cb2
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wQJYBUEPsXpPqQfaWZIL-kYw-6lY5J5fCPMfRA
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wQJYBUEPsXpPqQfaWZIL-kYw-6lY5J5fCPMfRA
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wQJYBUEPsXpPqQfaWZIL-kYw-6lY5J5fCPMfRA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:4485:60d2:df0:ecb9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:06 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wQJYBUEPsXpPqQfaWZIL-kYw-6lY5J5fCPMfRA
Date
Tue, 05 Dec 2023 22:16:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
4
casale
match.adsrvr.org/track/cmf/ Frame 739D 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 739D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F1GWM03XCVJ9RTJ1SZYY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XB63GXP7VF0R2XDJH0S1
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 739D 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:05 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
sync
x.bidswitch.net/ Frame 739D 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.41.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-41-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 739D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c84a:f3f:c1a8:24dc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
user-registering
ads.stickyadstv.com/ Frame 739D 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 22:16:05 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1701814565733008-540
htw-pixel.gif
cdn.indexww.com/ht/ Frame 739D 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZW.hI9rtvCrs9QKlZ6LNogAA%263181
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.catolicoorante.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
72978
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
830fa6cb5e962c26-FRA
content-length
43
expires
Wed, 06 Dec 2023 22:16:05 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0055 		0
0
player
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=104541&tid=9339&v=20&cb=1701814565682&t_dsp_request=527&t_player_start=3573&t_page_load=5783
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
dsp
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=104541&tids=33724&v=20&cb=1701814565687&t_player_start=3578&t_page_load=5788
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
bridge3.607.0_en.html
imasdk.googleapis.com/js/core/ Frame 52FA 		751 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.catolicoorante.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
102054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246373
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:55:11 GMT
expires
Tue, 03 Dec 2024 17:55:11 GMT
last-modified
Mon, 04 Dec 2023 15:54:30 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E3F5 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Dec 2023 22:35:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F355 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4310724938745&version=m202309260101&ct=77&x=1&cor=1839541915241770000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 12D0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3380018451903&version=m202309260101&ct=77&x=1&cor=6990165532659251000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BB1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2374060200092&version=m202309260101&ct=77&x=1&cor=7631771484594619000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 52FA 		3 KB
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21842480936%2C22785811991%2Fca-video-pub-6846559377126874-tag%2Fviads%2Fcatolicoorante.com.br&description_url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=561605315952398&_timestamp=1701814565690&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=3178834926&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814565797&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw&scor=3538539875836232&ged=ve4_td5_tt3_pd5_la5000_er0.0.156.300_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ae9b15e6a5ecd20c30a74e888431b154c6d805c34ddb819c36fd21c1c54ef3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
915
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 52FA 		52 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21842480936%2Fca-video-pub-6846559377126874-tag%2Fviads%2Fcatolicoorante.com.br&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.catolicoorante.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=45000&vrid=1357204&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&adk=3178834926&correlator=561605315952398&ctv=0&dt=1701814565852&ged=ve4_td5_tt3_pd5_la5000_er0.0.243.432_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.607.0&osd=2&ptt=20&scor=3538539875836232&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&hl=en&frm=0&sdki=445&sdkv=h.3.607.0&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22785811991&kfa=0&tfcd=0&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&top=https%3A%2F%2Fwww.catolicoorante.com.br%2F&loc=https%3A%2F%2Fwww.catolicoorante.com.br%2F&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccedc0c47fe7aca129612a8d49ee5075421cb62b7bc51f90d42c935d27371ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6670
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 52FA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpswgayw&c=1103434022420&slotId=551717011210&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Plant City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/vast/ Frame 52FA 		24 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/enduser/vast/?t=1&iid=0b3298cf-b46b-4744-a14d-64dd54e5ae51&crid=qy8tf5gm&wp=ZW-hJQANhqMKe7bPAAbrjpMF8O8ZfrxbzqAVIw&aid=1&wpc=USD&sfe=17a72125&puid=CAESEOXtlIMYsKYYhyp3XXAU3Ak&tdid=&pid=bjvqtx2&ag=um4l7c6&adv=z4d7gvf&sig=1DDecve360DB9B-d_DKE5HmhHILTwAVbRwthOzaHQhwM.&bp=0.650102770412956&cf=5813616&fq=0&td_s=www.catolicoorante.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=71&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=en&svpid=pub-6846559377126874&did=&rcxt=Other&lat=50.110000&lon=8.680000&tmpc=3.57000000000005&daid=&vp=0&osi=&osv=&bx=70&bffi=41&vpb=PreRoll&dc=96&vcc=EC0YeDICCAJAAUgBUAOgAbADqAHzAcgBAdABA-gBAoACA4oCDAgCCAMIBQgGCAcICJoCAKACAqgCAsACAg..&sv=google&pidi=3382&advi=430767&cmpi=3502888&agi=15888325&cridi=32243427&svi=1&tid=1&cmp=t83ycn6&vrtd=14,15&srca=1&rurl=https%3a%2f%2fwww.catolicoorante.com.br%2f&tsig=DjjZdfbwBBTeVUZQBIMFiJNqiGdWjcFkHZpfIZ4cISE.&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAzgCSABQAYABAIgBApABAbABALoBBAgEGALAAcKfA8kBNDMzMzMDR0DQAcKfA9gCtBDgAqwC6AIt8AIA-AIBgAMBiAMCkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&fpa=615&pcm=3&grdc=CAEYASABKAE62AYxMDQ3LDI1ODYsMTMxMyw0NzksMTY1MSw4MTcsOTMyLDE3MTYsMTM0LDI3ODAsMTgzMSwxNTE0LDEyNDgsMTA5Nyw3MjMsMTIxMiwxMjQxLDI1NzEsNDE0LDE5NjAsNjIsMTg0LDQ4NiwyNTA2LDQ0MiwzNjMsMTIwNSwxMTI2LDI3NzksMTkwMiwxNjIsMzEzLDU3MSwxNDQ5LDE1NCwxMjExLDEzNjIsNTI4LDI0NDEsNDkyLDk4MSwyMjkwLDE3NjUsNDQ5LDI0MSwxMjYsMTI3NiwyMjksMTE3MSwxNTA5LDE0MjMsMjk0LDI0MTUsMTIzNiwzNTgsMjAxMiwyMTI3LDE0MTUsMTc1MywxNDUxLDIzNTcsMTM2NSwzNSw5OTEsMjM2LDEyNTAsMTA2Myw0OTUsMTQ5LDExMjcsMTY1MiwzMzYsMTA0OCwyMjEsOTc2LDU5NSwyMjk5LDE3OCwyMTcwLDQ4LDc4MiwxMiw1ODgsMjcwOSw5MzMsMTYzMSwzMTQsMTg5Niw1NzQsMzUwLDUzNywyMTkyLDYwOSw3MCw0OTQsMTE3MCwxODg5LDI0NjQsNDE1LDI3MSwyNTY4LDI3NCwxODkyLDE1LDU0MCwxMDI5LDE2NjksMjA3MiwyMiwyNTc1LDE4OCw4MCwyMDc5LDE4NzAsNDgyLDE4MzQsMTU0NywyMDksNDMyLDI3NzYsMTc5MSwxMTAwLDI5NzcsMzE3LDIwNzgsMzM4LDgyNywyNTMxLDE1MDMsMjM3MywxNzMzLDI1OSwxMjAxLDc3Niw0MzgsMzIzLDEzMDEsMzU5LDEzNDQsOTMsMTA4LDI0MzcsMjEyMSwxNTE3LDI2MjQsMTAyOCwxNjUsMTIyLDg2LDU3NSwzMTYsNywzOTgsMjY0OSw4OSwxODU4LDM0OCwxNjEsMTUyMCwyMzExLDM0MCwxMDk1LDE5NTgsMjcwNiwxOTIyLDI2NjMsMTczNSwyNzc4LDIwNTksMTU3MCwxODcyLDE1NzcsMjI1MywyNTI2LDI2NzcsMTY3LDIzMTAsMjIwMiwxNTk4LDk4NywzMTEsMTk2LDIzODIsMTUzLDIzNDYsMjc3NywxMDUxLDg2NCwxODc4LDQ0MCwxNjg0QAFIAg..&vc=2&said=3WwHniybQIZFzObtPNlipg%3D%3D&auct=1&cxlvs=0&im=1&mc=9b01b63b-533c-47ff-86ff-fe18e8790382&abr=3d19fcde-c3e0-4898-904f-ef59a0650c1e&tail=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
ee287542771d2c48256a925dcc3a7b52c9d2b3b1c65314cb00caabe970f38f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Tue, 05 Dec 2023 22:16:06 GMT
access-control-allow-credentials
true
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-type
text/xml
csi
csi.gstatic.com/ Frame 52FA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpswgb6o&c=1103434022420&slotId=551717011210&ghmsh_eids=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x77
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Plant City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B30120998.369578998;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=2%2C7%2C8;dc_omid_p=Google1%2Fh.3.607.0;gdpr=;gdpr_consent=;dc_mpos=-1;ltd=;...
ad.doubleclick.net/ddm/pfadx/N238002.3485567APEXGUARANTEEDVID/ Frame 52FA 		28 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N238002.3485567APEXGUARANTEEDVID/B30120998.369578998;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=2%2C7%2C8;dc_omid_p=Google1%2Fh.3.607.0;gdpr=;gdpr_consent=;dc_mpos=-1;ltd=;vpa=auto;vpmute=1;dc_osd=2;dc_frm=0;vis=1;dc_sdr=1;dc_sdkv=h.3.607.0;dc_sdki=445;dc_eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291;nel=0;unviewed_position_start=1;is_amp=0;hl=en;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;u_so=l;ctv=0;ptt=20;dc_adk=3178834926;sid=4ADE1723-4D05-4E45-8620-82B12E17DF58;a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk;eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291;url=https%3A%2F%2Fwww.catolicoorante.com.br%2F;dt=1701814566098;dc_rfl=0,https%3A%2F%2Fwww.catolicoorante.com.br%2F$0;ord=281796
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
9214cc30b814c26a5f7d13764a3c0dedd5d79ebfe5bedaa9a2371262983e92fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15245
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 52FA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lpswgb81&c=1103434022420&slotId=551717011210&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Plant City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
choices.trustarc.com/ Frame 52FA 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-22.zrh55.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:20:11 GMT
via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
248155
x-cache
Hit from cloudfront
content-length
739
pragma
public
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
3dYHO8fu2_oW_rxT3_m3EO8sQav8C0012vFpZVjTJfkZSgDkq2f1Tw==
expires
Tue, 02 Jan 2024 01:20:11 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 52FA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cgu2AJaFvZaONNs_t7gOO15vIAaSjibdc58KD3O0FwI23ARABIABgleKQgqAHggEdY2EtdmlkZW8tcHViLTY4NDY1NTkzNzcxMjY4NzTIAQXgAgCoAwGYBACqBOwCT9APk8byyXEeJXm6QyrJHCR3aIpPKtBPu2eaSQd_ZlDa83YTIFkPhyAcWUznYkkN4e45guW5m-JF71isqRf48GGTmn22dDaPX8i8l8n0IKMMUDWFYLgE0nUHm9ZRFbJUyPmpYTgpAPjSJ_5aytbxFOKvTDPTcJYMNwkES7IEV2EXlQb77cdApWTNxAh2S9eV63ZksYQGSdUeeSSxbkhv_B9apNuzUoSUKTD5lyMsy1fjaTqeQ-D70oF8f95d1jLfAkPOGrIQ5_l1GCJ-Pxdyz4nrfpXojoQAqipeyCCXuiEVMYNV1NossREoCSLuIDxD6KiFsEedbz2ohyS033SKZ0AVlCPGNJGsSU9c_YBZsg-hoTdo8m6szGRWyZghEsd-u_JJOYf8zeGKvU-tZr0zrMERc1RDaEDpzukwNd-zVUQbsDuSAVuzNaa5jetlRo8X9xppK5JIVMFp-sO3G881JBsMiETtajk-wvTHleAEAYAGy4SomtPeoOKvAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj2krClqfmCA_oLAggBgAwB4g0TCILAsKWp-YIDFc-2ewodjusGGdAVAYAXAQ&sigh=HSR5-2RiKAg&label=show_ad&sdkv=h.3.607.0&vci=CkQIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhQtNTc4MTM1MjAzMTk5Nzc4NzU3M0DAAQpaCAISEmluc2lnaHQuYWRzcnZyLm9yZxoOVGhlIFRyYWRlIERlc2sgAyokMGIzMjk4Y2YtYjQ2Yi00NzQ0LWExNGQtNjRkZDU0ZTVhZTUxMghxeTh0ZjVnbUAtClcIARISYWQuZG91YmxlY2xpY2submV0GgNEQ00gAioJNTYwNDU4Njc5MgkxOTUzOTczNjJAMVIgCPEeEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 52FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CA_nHJaFvZaONNs_t7gOO15vIAaSjibdc58KD3O0FwI23ARABIABgleKQgqAHggEdY2EtdmlkZW8tcHViLTY4NDY1NTkzNzcxMjY4NzTIAQXgAgCoAwGYBACqBOkCT9APk8byyXEeJXm6QyrJHCR3aIpPKtBPu2eaSQd_ZlDa83YTIFkPhyAcWUznYkkN4e45guW5m-JF71isqRf48GGTmn22dDaPX8i8l8n0IKMMUDWFYLgE0nUHm9ZRFbJUyPmpYTgpAPjSJ_5aytbxFOKvTDPTcJYMNwkES7IEV2EXlQb77cdApWTNxAh2S9eV63ZksYQGSdUeeSSxbkhv_B9apNuzUoSUKTD5lyMsy1fjaTqeQ-D70oF8f95d1jLfAkPOGrIQ5_l1GCJ-Pxdyz4nrfpXojoQAqipeyCCXuiEVMYNV1NossREoCSLuIDxD6KiFsEedbz2ohyS033SKZ0AVlCPGNJGsSU9c_YBZsg-hoTdo8m6szGRWyZghEsd-u_JJOYf8zeGKvU-tZr0zrMERc1RDaEDpzukwNd-zVUQbsDvQA3ohqnFChQ2eEnTbhOWNMYZC_MtH4gJaz7zKyqkSpFxwmNo2JOAEAYAGy4SomtPeoOKvAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj2krClqfmCA4AKA_oLAggBgAwB4g0TCILAsKWp-YIDFc-2ewodjusGGdAVAYAXAbIXHAoaEhRwdWItNjg0NjU1OTM3NzEyNjg3NBisk3M&sigh=oLIEEYqYRy4&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&cid=CAQSPADICaaN_T4YWxg_DiIVeMvT-O-7_r9IoESn5P1CbKuG5rCTE2QNFGimxMpYU366_4ZENqQiOMGNU9ArVhgB&vt=10&sdkv=h.3.607.0&vci=CkQIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhQtNTc4MTM1MjAzMTk5Nzc4NzU3M0DAAQpaCAISEmluc2lnaHQuYWRzcnZyLm9yZxoOVGhlIFRyYWRlIERlc2sgAyokMGIzMjk4Y2YtYjQ2Yi00NzQ0LWExNGQtNjRkZDU0ZTVhZTUxMghxeTh0ZjVnbUAtClcIARISYWQuZG91YmxlY2xpY2submV0GgNEQ00gAioJNTYwNDU4Njc5MgkxOTUzOTczNjJAMVIgCPEeEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lpswg8a9&c=1103434022420&slotId=551717011210&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Plant City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r5---sn-4g5lznes.c.2mdn.net/videoplayback/id/c4de64fe53c9cbd5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621061/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/c4de64fe53c9cbd5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621061/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r5---sn-4g5lznes.c.2mdn.net/videoplayback/id/c4de64fe53c9cbd5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621061/sparams/acao,ctier,expire,id,ip,ipbits,itag...
10 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5lznes.c.2mdn.net/videoplayback/id/c4de64fe53c9cbd5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621061/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/10EF4613D56D63C4B3CCB35D95CBF0E34ECEED68.6913E60851AB6F9AFD1845ACDE5E0954CD9A210A/key/cms1/cms_redirect/yes/mh/XP/mip/2a02:6ea0:c71b:0:1012:2834:6614:5e0e/mm/42/mn/sn-4g5lznes/ms/onc/mt/1701814022/mv/u/mvi/5/pl/40/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:10::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 22:16:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Jul 2023 14:43:29 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-10391929/10391930
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
10391930
Expires
Tue, 05 Dec 2023 22:16:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-4g5lznes.c.2mdn.net/videoplayback/id/c4de64fe53c9cbd5/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621061/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/10EF4613D56D63C4B3CCB35D95CBF0E34ECEED68.6913E60851AB6F9AFD1845ACDE5E0954CD9A210A/key/cms1/cms_redirect/yes/mh/XP/mip/2a02:6ea0:c71b:0:1012:2834:6614:5e0e/mm/42/mn/sn-4g5lznes/ms/onc/mt/1701814022/mv/u/mvi/5/pl/40/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 52FA 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21842480936%2Fca-video-pub-6846559377126874-tag%2Fviads%2Fcatolicoorante.com.br&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.catolicoorante.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&lip=true&min_ad_duration=0&max_ad_duration=45000&vrid=1357204&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&adk=3178834926&correlator=561605315952398&ctv=0&dt=1701814566188&ged=ve4_td5_tt3_pd5_la5000_er0.0.243.432_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.607.0&osd=2&ptt=20&scor=3538539875836232&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&hl=en&frm=0&sdki=445&sdkv=h.3.607.0&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22785811991&kfa=0&tfcd=0&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&top=https%3A%2F%2Fwww.catolicoorante.com.br%2F&loc=https%3A%2F%2Fwww.catolicoorante.com.br%2F&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw&fbidx=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 52FA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lpswgb9h&c=1103434022420&slotId=551717011210&qqid=COOzsaWp-YIDFc-2ewodjusGGQ&gqid=JaFvZaC_NPX0x_APj5eBsA8&fb=ima_html5-lima&sdkv=h.3.607.0&mrd=4&aab=1&itv=1&gpm_i=11&gpm_c=11&gpm_a=11&smb=Infinity&br=3953&mt=video%2Fmp4&vs=1920x1080&ua_e=1&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=37&vsrc=web_video_ads
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Plant City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 52FA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cgu2AJaFvZaONNs_t7gOO15vIAaSjibdc58KD3O0FwI23ARABIABgleKQgqAHggEdY2EtdmlkZW8tcHViLTY4NDY1NTkzNzcxMjY4NzTIAQXgAgCoAwGYBACqBOwCT9APk8byyXEeJXm6QyrJHCR3aIpPKtBPu2eaSQd_ZlDa83YTIFkPhyAcWUznYkkN4e45guW5m-JF71isqRf48GGTmn22dDaPX8i8l8n0IKMMUDWFYLgE0nUHm9ZRFbJUyPmpYTgpAPjSJ_5aytbxFOKvTDPTcJYMNwkES7IEV2EXlQb77cdApWTNxAh2S9eV63ZksYQGSdUeeSSxbkhv_B9apNuzUoSUKTD5lyMsy1fjaTqeQ-D70oF8f95d1jLfAkPOGrIQ5_l1GCJ-Pxdyz4nrfpXojoQAqipeyCCXuiEVMYNV1NossREoCSLuIDxD6KiFsEedbz2ohyS033SKZ0AVlCPGNJGsSU9c_YBZsg-hoTdo8m6szGRWyZghEsd-u_JJOYf8zeGKvU-tZr0zrMERc1RDaEDpzukwNd-zVUQbsDuSAVuzNaa5jetlRo8X9xppK5JIVMFp-sO3G881JBsMiETtajk-wvTHleAEAYAGy4SomtPeoOKvAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj2krClqfmCA_oLAggBgAwB4g0TCILAsKWp-YIDFc-2ewodjusGGdAVAYAXAQ&sigh=HSR5-2RiKAg&label=video_ad_loaded&sdkv=h.3.607.0&vci=CmgIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhQtNTc4MTM1MjAzMTk5Nzc4NzU3M0DAAVoiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbwpaCAISEmluc2lnaHQuYWRzcnZyLm9yZxoOVGhlIFRyYWRlIERlc2sgAyokMGIzMjk4Y2YtYjQ2Yi00NzQ0LWExNGQtNjRkZDU0ZTVhZTUxMghxeTh0ZjVnbUAtClcIARISYWQuZG91YmxlY2xpY2submV0GgNEQ00gAioJNTYwNDU4Njc5MgkxOTUzOTczNjJAMVIgCPEeEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 52FA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171797
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Dec 2024 22:32:49 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 52FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CA_nHJaFvZaONNs_t7gOO15vIAaSjibdc58KD3O0FwI23ARABIABgleKQgqAHggEdY2EtdmlkZW8tcHViLTY4NDY1NTkzNzcxMjY4NzTIAQXgAgCoAwGYBACqBOkCT9APk8byyXEeJXm6QyrJHCR3aIpPKtBPu2eaSQd_ZlDa83YTIFkPhyAcWUznYkkN4e45guW5m-JF71isqRf48GGTmn22dDaPX8i8l8n0IKMMUDWFYLgE0nUHm9ZRFbJUyPmpYTgpAPjSJ_5aytbxFOKvTDPTcJYMNwkES7IEV2EXlQb77cdApWTNxAh2S9eV63ZksYQGSdUeeSSxbkhv_B9apNuzUoSUKTD5lyMsy1fjaTqeQ-D70oF8f95d1jLfAkPOGrIQ5_l1GCJ-Pxdyz4nrfpXojoQAqipeyCCXuiEVMYNV1NossREoCSLuIDxD6KiFsEedbz2ohyS033SKZ0AVlCPGNJGsSU9c_YBZsg-hoTdo8m6szGRWyZghEsd-u_JJOYf8zeGKvU-tZr0zrMERc1RDaEDpzukwNd-zVUQbsDvQA3ohqnFChQ2eEnTbhOWNMYZC_MtH4gJaz7zKyqkSpFxwmNo2JOAEAYAGy4SomtPeoOKvAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj2krClqfmCA4AKA_oLAggBgAwB4g0TCILAsKWp-YIDFc-2ewodjusGGdAVAYAXAbIXHAoaEhRwdWItNjg0NjU1OTM3NzEyNjg3NBisk3M&sigh=oLIEEYqYRy4&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&cid=CAQSPADICaaN_T4YWxg_DiIVeMvT-O-7_r9IoESn5P1CbKuG5rCTE2QNFGimxMpYU366_4ZENqQiOMGNU9ArVhgB&sdkv=h.3.607.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
google
de2-bid.adsrvr.org/bid/feedback/ Frame 52FA 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de2-bid.adsrvr.org/bid/feedback/google?t=1&iid=0b3298cf-b46b-4744-a14d-64dd54e5ae51&crid=qy8tf5gm&wp=ZW-hJQANhqMKe7bPAAbrjpMF8O8ZfrxbzqAVIw&aid=1&wpc=USD&sfe=17a72125&puid=CAESEOXtlIMYsKYYhyp3XXAU3Ak&tdid=&pid=bjvqtx2&ag=um4l7c6&adv=z4d7gvf&sig=1DDecve360DB9B-d_DKE5HmhHILTwAVbRwthOzaHQhwM.&bp=0.650102770412956&cf=5813616&fq=0&td_s=www.catolicoorante.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=71&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=en&svpid=pub-6846559377126874&did=&rcxt=Other&lat=50.110000&lon=8.680000&tmpc=3.57000000000005&daid=&vp=0&osi=&osv=&bx=70&bffi=41&vpb=PreRoll&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAzgCSABQAYABAIgBApABAbABALoBBAgEGALAAcKfA8kBNDMzMzMDR0DQAcKfA9gCtBDgAqwC6AIt8AIA-AIBgAMBiAMCkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&fpa=615&pcm=3&grdc=CAEYASABKAFAAUgC&vc=2&said=3WwHniybQIZFzObtPNlipg%3D%3D&auct=1&cxlvs=0&im=1&mc=9b01b63b-533c-47ff-86ff-fe18e8790382&abr=00000000-0000-0000-0000-000000000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.197.133.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4b61a47cf5978487.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:05 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 52FA 		44 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn516114&cr=creative&ce=TTD&c13=asid,PB2FC349E-3FB8-479E-801C-1D8A735330DA&pc=um4l7c6_www.catolicoorante.com.br&c9=devid,&uoo=0&ci=nlsnci1614&am=4&at=view&rt=banner&st=image&gdpr=&gdpr_consent=&r=514678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
j12GTc7HccdVpXVcJkaEAOSNij3u-b9uGW4C0lOjL0bYdMBHgvatHQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 52FA 		0
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssThj0t_JlNon6wPaY2XJ-h0yBKaolYUS_-hlFYD4dI9RrwsEivtdoPSr9MPZYoc2zPeaqpC8KZNSw3U-mVx9psMchGz75zWT3E6MUTdyEbRIKsIr-JaUb4end_i1aN-Mzne3WpydIGPie2tU3AcGGpEWag80NVfwW8UUFIM-lyyHUYkj9X5MEF2Q&sai=AMfl-YR8-Q6BbyMMC_nRYjbUbn7Zgoc7eXCl3V3LLcX6uZAdkPNOnQrSA3gN9Z1FenhObYdV7MwpbMtzG1UC9isF-VBtVAkNKkxWbk55jA&sig=Cg0ArKJSzNdUwZL3lBPWEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&sdkv=h.3.607.0&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 52FA
Redirect Chain
  • https://red.vtracy.de/img.tr?tr_adid=k30120998_s8521416_p369578998_c195397362&tr_mid=0&tr_sync=true&tr_uid1=DC&gdpr_consent=&gdpr=&t=3679364308
  • https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50&adid=k30120998_s8521416_p369578998_c195397362&tr_aa=true&tr_ttd=true&tr_run=false&tr...
  • https://red.vtracy.de/tr_cm?v3=vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50&adid=k30120998_s8521416_p369578998_c195397362&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1701814566579&tamg...
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fred.vtracy.de%2Ftr_aa%3Fv3%3Dvi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50%26adid%3Dk30120998_s8521416_p369578998_c195397362%26userId%3D%25%...
  • https://red.vtracy.de/tr_aa?v3=vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50&adid=k30120998_s8521416_p369578998_c195397362&userId=7309237904841635984&tr_timestamp=1701814566626&tr_run=false&tr_ttd=true&t...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50&gdpr=&gdpr_consent=&request_uid=ZW-hJvg4O1yMuCqxkNJwbgAAAIk
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50&gdpr=&gdpr_consent=&request_uid=ZW-hJvg4O1yMuCqxkNJwbgAAAIk
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Date
Tue, 05 Dec 2023 22:16:06 GMT
Server
Apache
Vary
negotiate
Content-Type
text/html; charset=UTF-8
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50&gdpr=&gdpr_consent=&request_uid=ZW-hJvg4O1yMuCqxkNJwbgAAAIk
TCN
choice
Connection
keep-alive
Content-Location
tr_aa.tr
Content-Length
0
/
insight.adsrvr.org/enduser/video/ Frame 52FA 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=creativeView&imp=0b3298cf-b46b-4744-a14d-64dd54e5ae51&ag=um4l7c6&crid=qy8tf5gm&cf=5813616&fq=0&t=1&td_s=www.catolicoorante.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=71&agsa=&wp=ZW-hJQANhqMKe7bPAAbrjpMF8O8ZfrxbzqAVIw&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-6846559377126874&rlangs=en&mlang=en&did=&rcxt=Other&tmpc=3.57000000000005&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAzgCSABQAYABAIgBApABAbABALoBBAgEGALAAcKfA8kBNDMzMzMDR0DQAcKfA9gCtBDgAqwC6AIt8AIA-AIBgAMBiAMCkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&npt=&fpa=615&pcm=3&said=3WwHniybQIZFzObtPNlipg%3D%3D&auct=1&cxlvs=0&grdc=CAEYASABKAFAAUgC&sfe=17a72126&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
server
Kestrel
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 52FA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cgu2AJaFvZaONNs_t7gOO15vIAaSjibdc58KD3O0FwI23ARABIABgleKQgqAHggEdY2EtdmlkZW8tcHViLTY4NDY1NTkzNzcxMjY4NzTIAQXgAgCoAwGYBACqBOwCT9APk8byyXEeJXm6QyrJHCR3aIpPKtBPu2eaSQd_ZlDa83YTIFkPhyAcWUznYkkN4e45guW5m-JF71isqRf48GGTmn22dDaPX8i8l8n0IKMMUDWFYLgE0nUHm9ZRFbJUyPmpYTgpAPjSJ_5aytbxFOKvTDPTcJYMNwkES7IEV2EXlQb77cdApWTNxAh2S9eV63ZksYQGSdUeeSSxbkhv_B9apNuzUoSUKTD5lyMsy1fjaTqeQ-D70oF8f95d1jLfAkPOGrIQ5_l1GCJ-Pxdyz4nrfpXojoQAqipeyCCXuiEVMYNV1NossREoCSLuIDxD6KiFsEedbz2ohyS033SKZ0AVlCPGNJGsSU9c_YBZsg-hoTdo8m6szGRWyZghEsd-u_JJOYf8zeGKvU-tZr0zrMERc1RDaEDpzukwNd-zVUQbsDuSAVuzNaa5jetlRo8X9xppK5JIVMFp-sO3G881JBsMiETtajk-wvTHleAEAYAGy4SomtPeoOKvAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj2krClqfmCA_oLAggBgAwB4g0TCILAsKWp-YIDFc-2ewodjusGGdAVAYAXAQ&sigh=HSR5-2RiKAg&label=vast_creativeview&ad_mt=0&sdkv=h.3.607.0&vci=CmgIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhQtNTc4MTM1MjAzMTk5Nzc4NzU3M0DAAVoiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbwpaCAISEmluc2lnaHQuYWRzcnZyLm9yZxoOVGhlIFRyYWRlIERlc2sgAyokMGIzMjk4Y2YtYjQ2Yi00NzQ0LWExNGQtNjRkZDU0ZTVhZTUxMghxeTh0ZjVnbUAtCloIARISYWQuZG91YmxlY2xpY2submV0GgNEQ00gAioJNTYwNDU4Njc5MgkxOTUzOTczNjJAMVIjCPEeEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duSMYCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 52FA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMMHD-7XZTbnqERAY0uoOI9shGBR7BVT1XD8RW7LYqc6EiolIVcsP8MK1JjW806ZR8v61nfbUbeAOspER_GpoePNw3RQk0AJWt-hTo4aqrCStcb9Fz5D2ME9ls&sig=Cg0ArKJSzHtmuJim4XW8EAE&id=lidarv&acvw=sv%3D959%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D0,0,243,432%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26ic%3D33554706%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%3D200104%26femt%3D419%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D469954517%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnk%3D1701814562290%26ptlt%3D1701814566490%26pngs%3D9,14,200104c,15%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1701814566161&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5Zm_pan5ggMVu_oRCB34LQToEAAYACDyjZZd;dc_eps=AHas8cC9kcO-JqxbcJH9wyfUPrBJru69z_FMOz3wGcPYE2O9guhssXNXYchRNgZwcZF1OFDRhKN8uNA;met=1;acvw=sv%3D959%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%...
ade.googlesyndication.com/ddm/activity/ Frame 52FA 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5Zm_pan5ggMVu_oRCB34LQToEAAYACDyjZZd;dc_eps=AHas8cC9kcO-JqxbcJH9wyfUPrBJru69z_FMOz3wGcPYE2O9guhssXNXYchRNgZwcZF1OFDRhKN8uNA;met=1;acvw=sv%3D959%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,243,432%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%3D200104%26femt%3D419%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D469954517%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnk%3D1701814562290%26ptlt%3D1701814566492%26pngs%3D9,14,200104c,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1701814566161;dc_rfl=0,https%253A%252F%252Fwww.catolicoorante.com.br%252F%240;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame 52FA 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=start&imp=0b3298cf-b46b-4744-a14d-64dd54e5ae51&ag=um4l7c6&crid=qy8tf5gm&cf=5813616&fq=0&t=1&td_s=www.catolicoorante.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=71&agsa=&wp=ZW-hJQANhqMKe7bPAAbrjpMF8O8ZfrxbzqAVIw&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-6846559377126874&rlangs=en&mlang=en&did=&rcxt=Other&tmpc=3.57000000000005&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAzgCSABQAYABAIgBApABAbABALoBBAgEGALAAcKfA8kBNDMzMzMDR0DQAcKfA9gCtBDgAqwC6AIt8AIA-AIBgAMBiAMCkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&npt=&fpa=615&pcm=3&said=3WwHniybQIZFzObtPNlipg%3D%3D&auct=1&cxlvs=0&grdc=CAEYASABKAFAAUgC&sfe=17a72126&vp=0&ast=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2Fc4de64fe53c9cbd5%2Fitag%2F37%2Fsource%2Fweb_video_ads%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3833621061%2Fsparams%2Fid,itag,source,ctier,acao,ip,ipbits,expire%2Fsignature%2F94FFB1BCBA547C57446288BE32EDAA26CA33E4B7.70D427F4D3B240DF93117ABB1CA750D0F55163C8%2Fkey%2Fck2%2Ffile%2Ffile.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
server
Kestrel
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 52FA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cgu2AJaFvZaONNs_t7gOO15vIAaSjibdc58KD3O0FwI23ARABIABgleKQgqAHggEdY2EtdmlkZW8tcHViLTY4NDY1NTkzNzcxMjY4NzTIAQXgAgCoAwGYBACqBOwCT9APk8byyXEeJXm6QyrJHCR3aIpPKtBPu2eaSQd_ZlDa83YTIFkPhyAcWUznYkkN4e45guW5m-JF71isqRf48GGTmn22dDaPX8i8l8n0IKMMUDWFYLgE0nUHm9ZRFbJUyPmpYTgpAPjSJ_5aytbxFOKvTDPTcJYMNwkES7IEV2EXlQb77cdApWTNxAh2S9eV63ZksYQGSdUeeSSxbkhv_B9apNuzUoSUKTD5lyMsy1fjaTqeQ-D70oF8f95d1jLfAkPOGrIQ5_l1GCJ-Pxdyz4nrfpXojoQAqipeyCCXuiEVMYNV1NossREoCSLuIDxD6KiFsEedbz2ohyS033SKZ0AVlCPGNJGsSU9c_YBZsg-hoTdo8m6szGRWyZghEsd-u_JJOYf8zeGKvU-tZr0zrMERc1RDaEDpzukwNd-zVUQbsDuSAVuzNaa5jetlRo8X9xppK5JIVMFp-sO3G881JBsMiETtajk-wvTHleAEAYAGy4SomtPeoOKvAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj2krClqfmCA_oLAggBgAwB4g0TCILAsKWp-YIDFc-2ewodjusGGdAVAYAXAQ&sigh=HSR5-2RiKAg&label=part2viewed&ad_mt=0&sdkv=h.3.607.0&vci=CmgIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhQtNTc4MTM1MjAzMTk5Nzc4NzU3M0DAAVoiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbwpaCAISEmluc2lnaHQuYWRzcnZyLm9yZxoOVGhlIFRyYWRlIERlc2sgAyokMGIzMjk4Y2YtYjQ2Yi00NzQ0LWExNGQtNjRkZDU0ZTVhZTUxMghxeTh0ZjVnbUAtCloIARISYWQuZG91YmxlY2xpY2submV0GgNEQ00gAioJNTYwNDU4Njc5MgkxOTUzOTczNjJAMVIjCPEeEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duSMYCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5Zm_pan5ggMVu_oRCB34LQToEAAYACDyjZZd;dc_eps=AHas8cC9kcO-JqxbcJH9wyfUPrBJru69z_FMOz3wGcPYE2O9guhssXNXYchRNgZwcZF1OFDRhKN8uNA;met=1;acvw=sv%3D959%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p...
ade.googlesyndication.com/ddm/activity/ Frame 52FA 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5Zm_pan5ggMVu_oRCB34LQToEAAYACDyjZZd;dc_eps=AHas8cC9kcO-JqxbcJH9wyfUPrBJru69z_FMOz3wGcPYE2O9guhssXNXYchRNgZwcZF1OFDRhKN8uNA;met=1;acvw=sv%3D959%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,243,432%26tos%3D9,0,0,0,0%26mtos%3D9,9,9,9,9%26amtos%3D0,0,0,0,0%26mcvt%3D9%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D9%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D9%26dfvs%3D9%26dvpt%3D9%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%3D200104%26femt%3D419%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D469954517%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnk%3D1701814562290%26ptlt%3D1701814566494%26pngs%3D9,14,200104c,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,9;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1701814566161;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame 52FA 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=mute&imp=0b3298cf-b46b-4744-a14d-64dd54e5ae51&ag=um4l7c6&crid=qy8tf5gm&cf=5813616&fq=0&t=1&td_s=www.catolicoorante.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=71&agsa=&wp=ZW-hJQANhqMKe7bPAAbrjpMF8O8ZfrxbzqAVIw&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-6846559377126874&rlangs=en&mlang=en&did=&rcxt=Other&tmpc=3.57000000000005&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAzgCSABQAYABAIgBApABAbABALoBBAgEGALAAcKfA8kBNDMzMzMDR0DQAcKfA9gCtBDgAqwC6AIt8AIA-AIBgAMBiAMCkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&npt=&fpa=615&pcm=3&said=3WwHniybQIZFzObtPNlipg%3D%3D&auct=1&cxlvs=0&grdc=CAEYASABKAFAAUgC&sfe=17a72126&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
server
Kestrel
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 52FA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cgu2AJaFvZaONNs_t7gOO15vIAaSjibdc58KD3O0FwI23ARABIABgleKQgqAHggEdY2EtdmlkZW8tcHViLTY4NDY1NTkzNzcxMjY4NzTIAQXgAgCoAwGYBACqBOwCT9APk8byyXEeJXm6QyrJHCR3aIpPKtBPu2eaSQd_ZlDa83YTIFkPhyAcWUznYkkN4e45guW5m-JF71isqRf48GGTmn22dDaPX8i8l8n0IKMMUDWFYLgE0nUHm9ZRFbJUyPmpYTgpAPjSJ_5aytbxFOKvTDPTcJYMNwkES7IEV2EXlQb77cdApWTNxAh2S9eV63ZksYQGSdUeeSSxbkhv_B9apNuzUoSUKTD5lyMsy1fjaTqeQ-D70oF8f95d1jLfAkPOGrIQ5_l1GCJ-Pxdyz4nrfpXojoQAqipeyCCXuiEVMYNV1NossREoCSLuIDxD6KiFsEedbz2ohyS033SKZ0AVlCPGNJGsSU9c_YBZsg-hoTdo8m6szGRWyZghEsd-u_JJOYf8zeGKvU-tZr0zrMERc1RDaEDpzukwNd-zVUQbsDuSAVuzNaa5jetlRo8X9xppK5JIVMFp-sO3G881JBsMiETtajk-wvTHleAEAYAGy4SomtPeoOKvAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj2krClqfmCA_oLAggBgAwB4g0TCILAsKWp-YIDFc-2ewodjusGGdAVAYAXAQ&sigh=HSR5-2RiKAg&label=admute&ad_mt=0&sdkv=h.3.607.0&vci=CmgIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhQtNTc4MTM1MjAzMTk5Nzc4NzU3M0DAAVoiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbwpaCAISEmluc2lnaHQuYWRzcnZyLm9yZxoOVGhlIFRyYWRlIERlc2sgAyokMGIzMjk4Y2YtYjQ2Yi00NzQ0LWExNGQtNjRkZDU0ZTVhZTUxMghxeTh0ZjVnbUAtCloIARISYWQuZG91YmxlY2xpY2submV0GgNEQ00gAioJNTYwNDU4Njc5MgkxOTUzOTczNjJAMVIjCPEeEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duSMYCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?sid=104541&tid=33724&event=rtb&event2=impression&cb=1701814566500&v=20&vis=99&run=1&pos=8&imp=1&t_dsp_request=814&t_player_start=4391&t_page_load=6601
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
hls.light.min.js
cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.8/ 		249 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.8/hls.light.min.js
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1afb0b79686cdb9f92bb2da36ae6b9ab8b9134a4ad0aa749f42d0b46acbc134
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
671762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
64250
last-modified
Tue, 29 Nov 2022 11:30:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6385ed67-fafa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9KzKLx%2FqKiymrJB2UhTW2f0PmqgKczepPS7LdOsexMva1LVolMmPQhHtytf3lHXHvzmEp4qphpK3lpCH4L971w1%2BGMTq6GKfyQEoXfUn8cV6hoAypMcw8afr8tSAgVjJSJrBD0h2%2BQT5YjAEsR0mlGz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
830fa6d0fc691db0-FRA
expires
Sun, 24 Nov 2024 22:16:06 GMT
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		494 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c3c917f4f2fec833b3b61e610a5ef7bc6ea420a3e35a165bca1c1d2cf61e30d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
player
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?sid=104541&tid=33724&event=rtb&event2=start&cb=1701814566509&v=20&t_dsp_request=823&t_player_start=4400&t_page_load=6610
Requested by
Host: cdn2.viads.net
URL: https://cdn2.viads.net/1.0.7/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 9005 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55704
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:47:42 GMT
expires
Wed, 04 Dec 2024 06:47:42 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9005 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
25461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 15:11:45 GMT
async_usersync
ib.adnxs.com/ Frame 4356 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
an-x-request-uuid
8661a4ef-397d-4415-a516-f053b9edceff
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.133; 138.199.38.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
19_ENG.m3u8
hhkld.com/vi/ 		566 B
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/vi/19_ENG.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.8/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
6c78ecbeb616994fe99378f6f1399a53b5e439090176e6bc4dc7623f3566f5b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
last-modified
Sun, 26 Jun 2022 07:47:47 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
566
expires
Thu, 31 Dec 2037 23:55:55 GMT
19_ENG0.ts
hhkld.com/vi/ 		503 KB
504 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/vi/19_ENG0.ts
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.8/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
6787c997fd3be922e3a09fea77ecd244b9f9f381a953cc4bb3ea738045906eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 22:16:06 GMT
last-modified
Sun, 26 Jun 2022 07:47:49 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp2t
access-control-allow-origin
https://www.catolicoorante.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
515308
expires
Thu, 31 Dec 2037 23:55:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9005 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.607.0&bgai=B2PteJqFvZeXuBrv1x_AP-NuQwA4AAAAAOAHgBAI&bg=!u7iluPfNAAY3kmNgF5I7ADQBe5WfOCV4-oFJbEn65fgRZGf-__pIqCt-lz-ogtNCU59yXnYBhk7tNTx3ovs_svl6MSNlAgAAAFVSAAAAAmgBB5kC6wlPR8Zax7omAs373TIuWVn9RMCCGkAotCyOBTT51Qz8Cz2JA3WjBGOit9wELZB8Bwgx8HZO1lQNFac_cPTYYd65A2FI9xvhSjQJKAenhS0BqJi06vZ4SX-j1Ko0Ipre0sWps3sX9e5c9FLggv2ul5Hs7kXVoz94To2pb35Khch2_-Mcf6CuIEhPRsYMmudwFlCF79W9WDiXKr7hzBryd8XgNrGTUt6PCTA4aUS2eZO_g6jL8V6jyQJvanUCBHeaGf0AGENslNKugyOh9_V85rs7S3wDiK5ig1avW0eWKdoU5bNPubT0Z_3-hF1CZuPcJaN7YwHMbs8WD4016pfaMFfjy5kohSDIPOh4uKgJm3phs8UCtOKVszojY_ujzb55zrvEcGrvrG4zOioOmgjU4aEBqHGt3AGCdIS0XqCwNyN0y7s7w9xkToicHY8PksWKJJjFb42tq3Gv5J4KKoDi0-RHnxEfKTO04iRfVgBnTkwPPv-ykZ8NfOEFSUla9xhqjISq3epNA2mGh5nhkXWejU7K3e_uOYk6M2ShwIXTq6zdyGMz4eNDs2qcyrbdTVjCOF2j0WI6sT5vGQwRRjYcigklp31LBjt9po5CyZma6R9VGJmCeEvpOprcIhmnyfzPGs1UjDuQ2U4_IM7iMMKHMJPqj0QN6ihHp52e_XhrrAwbeSxvMqWz-ZL3mczSt0kk-nydC0B-_5S80r5-YY2pkOG_eiwDSTbzyQkrRZ3jZ3-wLtfBZAFqZwBb6pSddK-zY8fW9XoAq3ZAD_gZUI_JkpGSKfSjDZzdhRyxeePLnAEnb89OIaa7gxb9vDpkwgLEZyvuFaQ-Se2DPH-Bs7HSl81RGCHhuAH1qO2pzku8gaQDpVnampWBFhps4am96eUpbjoqNq31L_-bBl_V3yQgkaczOJCwRC28rKUOCCnLSz31--Cq7Wm2Mxao4sCE3rTa5EA_wZKcAgEo3I9pYhH6m8sjkzhkqXerDUTJCQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TG9EP7WBY1&gtm=45je3bt0v894290888&_p=1701814561604&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1968407445.1701814562&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701814561&sct=1&seg=0&dl=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=Cat%C3%B3lico%20Orante&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6792
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TG9EP7WBY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.catolicoorante.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.catolicoorante.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c6aaf612-9303-4446-8c0b-172864f7af19
https://www.catolicoorante.com.br/ 		84 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.catolicoorante.com.br/c6aaf612-9303-4446-8c0b-172864f7af19
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3e08d50474bccb1997f8f319aaf608fc763e678bbed630209852b0289704cd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
85596
Content-Type
text/javascript
cap
choices-or.trustarc.com/ Frame 52FA 		43 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://choices-or.trustarc.com/cap?pid=tradedesk01&aid=tradedesk01&cid=t83ycn6_um4l7c6_qy8tf5gm&w=640&h=480
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.166.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-166-60.compute-1.amazonaws.com
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:07 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 05 Dec 2023 22:16:06 GMT
csi
csi.gstatic.com/ Frame 52FA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lpswgbef&c=1103434022420&slotId=551717011210&qqid=COOzsaWp-YIDFc-2ewodjusGGQ&gqid=JaFvZaC_NPX0x_APj5eBsA8&fb=ima_html5-lima&sdkv=h.3.607.0&mrd=4&aab=1&itv=1&gpm_i=11&gpm_c=11&gpm_a=11&smb=Infinity&br=3953&mt=video%2Fmp4&vs=1920x1080&met.4=ff.lpswgbj0&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Plant City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 52FA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMMHD-7XZTbnqERAY0uoOI9shGBR7BVT1XD8RW7LYqc6EiolIVcsP8MK1JjW806ZR8v61nfbUbeAOspER_GpoePNw3RQk0AJWt-hTo4aqrCStcb9Fz5D2ME9ls&sig=Cg0ArKJSzHtmuJim4XW8EAE&id=lidarv&acvw=sv%3D959%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D833,1168,1076,1600%26tos%3D2013,0,0,0,0%26mtos%3D2013,2013,2013,2013,2013%26amtos%3D0,0,0,0,0%26mcvt%3D2013%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2013%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D611%26pst%3D410%26dur%3D20010%26vmtime%3D1792%26dtos%3D2013%26dtoss%3D1%26dvs%3D2004%26dfvs%3D2004%26dvpt%3D2004%26is%3D33554707%26i0%3D33554707%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%3D200104%26femt%3D419%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D469954517%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnk%3D1701814562290%26ptlt%3D1701814568498%26pngs%3D9,14,200104c,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2013&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1701814566161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 22:16:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpswg8jz&c=1103434022420&slotId=551717011210&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpswg8v2&c=1103434022420&slotId=551717011210&uet=2&ghmsh_eids=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpswg8x2&c=1103434022420&slotId=551717011210&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpswg98g&c=1103434022420&slotId=551717011210&uet=2&ghmsh_eids=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpswg9f6&c=1103434022420&slotId=551717011210&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpswg9m1&c=1103434022420&slotId=551717011210&uet=2&ghmsh_eids=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpswg9of&c=1103434022420&slotId=551717011210&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpswg9yl&c=1103434022420&slotId=551717011210&uet=2&ghmsh_eids=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpswgad7&c=1103434022420&slotId=551717011210&uet=2&ghmsh_eids=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C61783164%2Fca-video-pub-4090704406626496-tag%2Fviads.catolicoorante.com.br&description_url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=3454518324166108&&_timestamp=1701814565160&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=91851430&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814565628&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw&scor=1277428785872075&ged=ve4_td5_tt3_pd5_la5000_er0.0.156.300_vi0.0.1200.1600_vp100_ts1_eb24171
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C61783164%2Fca-video-pub-4090704406626496-tag%2Fviads.catolicoorante.com.br&description_url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=3454518324166108&&_timestamp=1701814565160&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=91851430&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814565628&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw&scor=1277428785872075&ged=ve4_td5_tt3_pd5_la5000_er0.0.156.300_vi0.0.1200.1600_vp100_ts1_eb24171

Verdicts & Comments Add Verdict or Comment

344 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| documentPictureInPicture function| $ function| jQuery object| jQuery111103588243714775321 string| rightmenu function| FonteMais function| FonteMenos function| Noite function| Dia undefined| fixLinks function| gtag object| dataLayer function| inView object| googletag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue object| xplay_by_sid object| xplay_tags number| xplay_sid string| xplay_target string| xplay_mode string| xplay_baseURL boolean| xplay_loaded undefined| google_measure_js_timing object| google_reactive_ads_global_state object| pbjs function| findCMP function| _defineProperty object| stpdChunk object| stpd function| stpdPassback object| stpdSource object| ADAGIO string| clientContinent object| __stpdTags object| apstag object| aax function| stpdLog object| __uid2SecureSignalProvider object| __uid2 object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| _33across function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _aps boolean| apstagLOADED object| apscustom string| xplay_debug object| xplay_oninit object| adplay_oninit object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| ha object| cnvr_launcher_options object| sas object| apntag object| _ADAGIO function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_218054 object| conversant number| google_unique_id object| closure_lm_115392 object| au object| publink_options object| coreid object| GoogleGcLKhOms object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 object| google_image_requests object| ONFOCUS function| Hls

45 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDUFgoJCP____8HEN4W
i6.liadm.com/s Name: _li_ss
Value: CgA
.hhkld.com/ Name: uid
Value: jV7KsGVvoSGLm46tVGM0Ag==
.catolicoorante.com.br/ Name: _ga
Value: GA1.1.1968407445.1701814562
.catolicoorante.com.br/ Name: _ga_TG9EP7WBY1
Value: GS1.1.1701814561.1.0.1701814561.0.0.0
www.catolicoorante.com.br/ Name: stpdOrigin
Value: {"origin":"direct"}
www.catolicoorante.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.catolicoorante.com.br/ Name: lotame_domain_check
Value: catolicoorante.com.br
.criteo.com/ Name: uid
Value: f2bf72e7-a33a-4987-844b-c5d7e61139a1
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: 25ddd728-ff8e-4828-83d2-66c67333d843|1701814561
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.prebid.a-mo.net/ Name: __amc
Value: 1_1701814561_1701814561
.rubiconproject.com/ Name: khaos
Value: LPSWG836-1G-CQZH
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpyDHixpn+BsyZ1/CU4Rny1jTEn3QdSlZ/mai1Ax0UWKD/X2fy2e8d7ez96E78Jy8v06OJz/9gcylQEN8nEbxwgSBx2P3in8zOF5D3Y0xwtXyKPLRELhl3xIo8tEQuGXfGma+WVcS1g3g==
.catolicoorante.com.br/ Name: cto_bundle
Value: ojlTJl9zakJWejRuczV3dWRyeFJkN3hFc2M0TGdHdjN6Z1RQbnRzNHpHVW1wbktIUWElMkZZdmxqaEplRm00eXIzVDU4N0tBMW1xSWMxZGVvRVBQMXluMlVlRFhCcXExQkNtR3EzOUg4bFA2YkRRcTdJS2hkd0lSdHZBaUxGTndWbVR0ekRGRVB1NDE1UGFmWGZCSEdaJTJCQWRzdjYlMkY2QkhVYWtLZnZMaDExMSUyQm9IRFNaSSUzRA
.catolicoorante.com.br/ Name: __gads
Value: ID=ab9a00eb087079d3:T=1701814562:RT=1701814562:S=ALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g
.catolicoorante.com.br/ Name: __gpi
Value: UID=00000d0b47e790bd:T=1701814562:RT=1701814562:S=ALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw
.doubleclick.net/ Name: IDE
Value: AHWqTUnXWIvGp5_yUhArBg4gIn-0C4PNOSvD_gwK7QR8knOnXRbQFW52vK2NzvKVIns
.adnxs.com/ Name: uuid2
Value: 253114877533919528
.casalemedia.com/ Name: CMID
Value: ZW.hI9rtvCrs9QKlZ6LNogAA
.casalemedia.com/ Name: CMPS
Value: 3181
.casalemedia.com/ Name: CMPRO
Value: 3181
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?%orT(N!@wnfH8K6pQK`!5=E<*L5?%Lx]2y-ukBkM)1HoIb0to*JjaJ/n?12ukMF5%L*bpRz*qF1`*b`AP*4M:H
.doubleclick.net/ Name: APC
Value: AfxxVi48lgCI3LHnA0kl06WJLk5CSlGISejatUbRuLfC5MktkECXYA
.doubleclick.net/ Name: ar_debug
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 5bd4f4a26425cc09
.awin1.com/ Name: AWSESS
Value: 357526:3266505
.awin1.com/ Name: awpv11601
Value: 113440|1701814564|e1578200-93bb-11ee-a3ae-223050cf75aa
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1701814564453,"clickCookie":false}}
.adtelligent.com/ Name: vmuid
Value: 30125d47f89de344
.adtelligent.com/ Name: a754412
Value: 0000EEA
.ads.stickyadstv.com/ Name: UID
Value: 3c27ec4059b654d7d6e5ff343ceaf7
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZW-hI9rtvCrs9QKlZ6LNogAADG0AAAIB
.yahoo.com/ Name: A3
Value: d=AQABBCWhb2UCEBF9oqWJM_YSO4cw6ibKaRgFEgEBAQHycGV5ZQAAAAAA_eMAAA&S=AQAAAgEE34ev3QZaP7yN1PoXt5s
.liadm.com/ Name: lidid
Value: 952aca83-cf3d-448a-872a-67514a679cb2
.amazon-adsystem.com/ Name: ad-id
Value: A6VWOrqGAEz9tqPNF59xlpA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adsrvr.org/ Name: TDID
Value: d25ccf19-80ff-4bdf-a7e5-56719609ca27
.adsrvr.org/ Name: TDCPM
Value: CAEYBTgBQgQiAggB
.vtracy.de/ Name: tr_id
Value: vi-4cc69cdf-bacd-4191-9290-8cbab5ac0a50
.vtracy.de/ Name: tr_dt
Value: 2023-12-05+23%3A16%3A06
.vtracy.de/ Name: tr_gsd_pm_dach
Value: 2023-12-05+23%3A16%3A06
.adfarm1.adition.com/ Name: UserID1
Value: 7309237904841635984
.vtracy.de/ Name: tr_aasd_pm_dach
Value: 2023-12-05+23%3A16%3A06

12 Console Messages

Source Level URL
Text
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 502)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 502)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 502)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 502)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 502)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 502)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 502)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html#goog_616653774
Message:
Access to XMLHttpRequest at 'https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C61783164%2Fca-video-pub-4090704406626496-tag%2Fviads.catolicoorante.com.br&description_url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=3454518324166108&&_timestamp=1701814565160&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=91851430&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814565628&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw&scor=1277428785872075&ged=ve4_td5_tt3_pd5_la5000_er0.0.156.300_vi0.0.1200.1600_vp100_ts1_eb24171' from origin 'https://imasdk.googleapis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C61783164%2Fca-video-pub-4090704406626496-tag%2Fviads.catolicoorante.com.br&description_url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=3454518324166108&&_timestamp=1701814565160&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=91851430&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814565628&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw&scor=1277428785872075&ged=ve4_td5_tt3_pd5_la5000_er0.0.156.300_vi0.0.1200.1600_vp100_ts1_eb24171
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html#goog_616653774
Message:
Access to XMLHttpRequest at 'https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C61783164%2Fca-video-pub-4090704406626496-tag%2Fviads.catolicoorante.com.br&description_url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=3454518324166108&&_timestamp=1701814565160&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=91851430&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814565628&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw&scor=1277428785872075&ged=ve4_td5_tt3_pd5_la5000_er0.0.156.300_vi0.0.1200.1600_vp100_ts1_eb24171' from origin 'https://imasdk.googleapis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C61783164%2Fca-video-pub-4090704406626496-tag%2Fviads.catolicoorante.com.br&description_url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=3454518324166108&&_timestamp=1701814565160&vpa=auto&vpmute=1&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=91851430&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=4ADE1723-4D05-4E45-8620-82B12E17DF58&a3p=EhsKDDMzYWNyb3NzLmNvbRj517XgwzFIAFICCGQSGAoJeWFob28uY29tGNnYteDDMUgAUgIIbxIZCgp1aWRhcGkuY29tGPnXteDDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yzdi14MMxSABSAghqEhwKDWNyd2RjbnRybC5uZXQY-de14MMxSABSAghkEhkKCnB1YmNpZC5vcmcYiti14MMxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPnXteDDMUgAUgIIZBIXCghydGJob3VzZRiw2LXgwzFIAFICCGoSFAoFb3BlbngY-de14MMxSABSAghk&nel=0&eid=31061774%2C44772139%2C44773378%2C44777649%2C44781409%2C44804291&url=https%3A%2F%2Fwww.catolicoorante.com.br%2F&dt=1701814565628&cookie=ID%3Dab9a00eb087079d3%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MZknIUJLsV5WCmJUFQe5uaGE4vR9g&gpic=UID%3D00000d0b47e790bd%3AT%3D1701814562%3ART%3D1701814562%3AS%3DALNI_MbzEF44E4l2q8--HyS-mqDTpQG1tw&scor=1277428785872075&ged=ve4_td5_tt3_pd5_la5000_er0.0.156.300_vi0.0.1200.1600_vp100_ts1_eb24171
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 502)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.ad.gt
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ade.googlesyndication.com
ads.stickyadstv.com
adservice.google.com
adv.office-partner.de
adx.adform.net
amer.hhkld.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cdn2.viads.net
cdnjs.cloudflare.com
choices-or.trustarc.com
choices.trustarc.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
csi.gstatic.com
de2-bid.adsrvr.org
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3ad3dd571e1a5598d139ff2f800aac0.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
ghb.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hal900025.redintelligence.net
hal90008.redintelligence.net
hbx.media.net
hhkld.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
imasdk.googleapis.com
insight.adsrvr.org
invstatic101.creativecdn.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
node.setupad.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
proc.ad.cpe.dotomi.com
pubads.g.doubleclick.net
pv.medialead.de
r5---sn-4g5lznes.c.2mdn.net
red.vtracy.de
region1.google-analytics.com
rtb.hhkld.com
s.amazon-adsystem.com
s.richaudience.com
s0.2mdn.net
script.4dex.io
secure-gl.imrworldwide.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-d.openx.net
ssum-sec.casalemedia.com
static.criteo.net
stpd.cloud
sync.adtelligent.com
sync.teads.tv
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
web.hb.ad.cpe.dotomi.com
www.awin1.com
www.catolicoorante.com.br
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
csi.gstatic.com
pubads.g.doubleclick.net
104.18.35.167
104.18.36.155
108.138.1.25
138.201.63.145
138.201.63.150
138.201.84.245
141.94.202.176
142.250.184.194
142.250.184.226
143.204.176.108
147.75.84.158
15.197.133.55
151.101.1.108
157.90.0.13
159.89.25.223
160.153.94.137
162.19.138.116
162.19.138.83
172.217.18.2
172.64.149.180
172.64.151.101
172.67.68.162
178.250.1.9
18.165.183.22
18.245.143.58
185.184.8.90
185.83.71.234
2.18.160.23
2.19.217.101
2.19.217.60
2001:4860:4802:32::36
216.52.2.91
216.58.206.38
23.57.19.78
2600:1f18:ed:550f:4485:60d2:df0:ecb9
2600:9000:2127:ea00:10:dd8:5e40:93a1
2600:9000:223c:a400:1e:a43d:b640:93a1
2600:9000:2250:1000:a:e047:753:a221
2602:803:c003:200::43
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:8a9
2606:4700:4400::6812:22b2
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:1f31
2607:4f00:932::2
2607:ae80:4::25
2607:f8b0:4008:806::2003
2a00:1450:4001:10::a
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:13::1460
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3601:c84a:f3f:c1a8:24dc
2a0b:4d07:101::1
3.10.29.13
3.120.25.220
3.160.196.77
3.69.41.2
3.75.62.37
34.102.146.192
34.120.135.53
34.197.138.42
34.96.70.87
34.98.64.218
35.178.224.52
37.157.2.229
37.252.173.215
44.213.166.60
52.223.40.198
52.46.128.147
54.194.196.88
54.93.152.216
64.95.96.108
65.9.93.173
65.9.95.76
69.173.144.165
76.223.111.18
78.46.23.46
85.114.159.118
91.121.248.44
92.123.148.9
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10e99a7be21041e3dd05c48cb19ce6a10e0c350a41dd696eca04a7730ab170cd
119265cc0709da8217136d9dcbfff4ae7d1e3aec99cbd35bd43ccd8ef6666e87
12c21d8cc1514e436200bcad37e648970911f49509baf5ea17582eb87ceb164a
14efa5752b436fa5494bb8753fa6c11e9d3d3af4e390312a1d5ea724fafb84e5
15bc67a84c29312fafc7a3cd2d7bc5381595799f8dbce5009e99a0a471a3a06c
174e4500b77f8caeaf26632e5433a6da7008ab90d382b6ffddb89a15f38b0ee4
1b91eaa6e27d0f71c9348d19e5f78bf344f52cfa6ebe325cb5dcfd52ddc857e7
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fd78ed0e48b9f1e0584afde0ceb72276040509f2d0a808416cc7defab3cf8cf
216ec13187fea4bc4afb2d0dca8390d73dd4d7deaaa195134e0c47558d4a2948
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
27f971026b5f16bdb394808693b0e749d27798c97e182b595867f1ef2c8054b0
28270ba158aeb18ed8b241a790fc19bc5da2ff2e1b42fa90c75fab6f22dc0ccb
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f2fc9a98b85c7b3afeac545c86d1f24a99fa59cc3000752666adaa2e13f98ea
2fdc9998bb1b65f7bd255818faae25b40e971e10880297da69bc7390ba227ff8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
340a62dbad1c86b92c139c6c40545b5ca64286f7238a0f831c327e4ac76668fa
34c907374e938efced62f13f2a6755f9edcd5634ec946a74d936258ef1335c58
359fe58a4f9e8cdf54cba69229104d117fa5a26545003edd25e892913c3cb4fc
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38940629e963523e8f1bcca94d86d372c333c7f6fa4252973f70b5f148ddaa11
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c3c917f4f2fec833b3b61e610a5ef7bc6ea420a3e35a165bca1c1d2cf61e30d
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d4b54a543ebd314e0951aa7abf497e02ea95edea5a0d9e416d0d00916650420
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ddfd25eabeae10fb6bff1219d989f335577c2307fd3425acc9125283c0aaa4b
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
3e913baf4253cf630ba90f1e1b4536ac0cef63be67ea620bb650eeab1cb7d783
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404f2470f42a0e99a20c263b2b597b50921b9c33b49883954a49c16117634524
41645575f70812a3c6f24e3a8ba2ecf4fcb1318bad79960b1f57aa735a288589
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
46735132123e5be41147f648041a3c0d618b3260569dbc94a78f5fb979e19beb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46cf6bd295f28386afc5f433a7623362cff006f29a63c192c0e340dd0d22c45a
47140bff0b022092763677ad76e2c5701f0d421d488c9e20aa60f4d297087a15
4882a02f12ec679eeb0c37707b4350747338245f99691e5d024a9072c9945c39
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494bf33bf5befb24f7bca470bb2e21432f64ad530475f16813553073903f8db5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5eb13eddfd109240999eb7533995518fd97557de5192683c242ce6b33fce11
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4df292e1aab61eae1c2ce33b5849e76c5eb2d46bffd8b4bf061f5677612cea23
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
533f013e1e4664e3871f4381d8753b8e1b9290dc52bb58afdbe437be3c489616
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5784a9b0b3f9a385a59421977d70fce3d94ef63baac2c769929a4f9fc9e51d59
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5df62af3b3e903acdfab5cd9c96edd16f9ad0258da0309046f625844c5324f9c
5e5e811ff27f2393bd60fece92e6dc42a68e67a60b0646d13db5145537c64ebc
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
65926557c27a0db201ecfd4df5e141d49a7bbdcf9728dfe3612cc7117deab590
67510a27d1c2028a4d4972e31e7817d3b7b6f5b3f25406b306676d23cdb7a103
6787c997fd3be922e3a09fea77ecd244b9f9f381a953cc4bb3ea738045906eff
688c0f1eef7a6e5612ad296723308c93b76bc3b4bcbe764acd0b2ee90cfe7f11
6c78ecbeb616994fe99378f6f1399a53b5e439090176e6bc4dc7623f3566f5b9
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7a0e15280ee20fb93c7a0c85ee15c48afd3685b91e5522ba55fcc397b894695a
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
7ae9b15e6a5ecd20c30a74e888431b154c6d805c34ddb819c36fd21c1c54ef3c
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7badeb31ae3aaa8eee36ca62c1af0f7cc285eee388708050ce4b2efa9f293f29
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
7da74e053f627c2af42abf9c00581ca66956d74c066d7d29f56aa07123e5b981
80138f1d92fdbcbd98f16d1b8a98f71122b6462f17c9152a6889f797bbfd752e
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8a1eb8e1fe0710673a983ab70704ed6b1c34ccdef2c8b754cd8657b61a0ecdc2
8a5d37bb26bdd71dc2b0790bb17f0105249fe589cda6a63160fc8ef3f30484a0
8b02a04576f08fe90268edb3c12713fd169357a5101d46fc8c7b79368baed7a3
8c1e2fb03402d2c9b2a28624b9fd6d8c17606d1e3f1102ae9a8aed8c359745a0
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e557e2ae5e80affd8253b1ea7b5130b8e2cdab7e61695015e701861a70532ca
9106a8e5ad1e3052ed073f8dcd9685580582085bdea341e8876ff8363354c765
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
9214cc30b814c26a5f7d13764a3c0dedd5d79ebfe5bedaa9a2371262983e92fc
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
96fe9ca0bdf99e0ac4dbccecdf21a0908da690de37f89f6fa0c790d3167aa47c
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1b0b122194485c91aacdd819e8687e299246e28949b99c5c321dbad6aeb3f45
a1c12175de1a0a767410e692e0af3ac427ded63ac1e3f195ab6d36fead747875
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aa06d3db5653d1e306342045f06b058e41ca9668a2a1b388ce786623366b1f1e
aa4129b5f4748777aa858cc39542e0f4963cc136a620c06873da8e7260285e87
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab2bdee249dc6f9a8858d65ec384ef177257e47f2b5d784e9c1caf4d82fa11f2
ae9c5451af9acf0101a5da780b06bf4bc45af1bdb83d6d8502395fe021db3696
aec1e9ca1ea1dde271c337c7e33e110e8709cbaeeb6a68bf6fe046d60383ff33
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0bc4832bff20424c219616d614a0da01ca98a13026edc54b008aa99db057011
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b151aa89ada97e5a8be0b3a553add1e9c8ce3688f21fb0d5a6465c5cd333e504
b646fe6769707fa5b0058c4cbd16400820d523c5a9e49ec882b70988a435d02e
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
b804eb531a796892c58281db7f65cbad5f08b0282aeab251299ed059b6e130e1
b8cf1ecbe148cb6469eabe9b78757b1f04b380ddf16a3f148682880fa489fa11
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfabc5e8b04eec66b4431a7364a4c76cbb299b39ebbdafe7547b9dc37e3acda9
c0ada3396a5c7fc9d2a65064afaee9c17a81414fa354fcf987ad82da584202d1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4e08ed2fcf2572bf0d6085601e132c547331d03b3521c2243cbb3e7ed08c079
c54ec4bfe7dbed5da4ecd8acfebca9aa51e92576fc5bb0881850fe6945ee93a2
c61b656b1d00d0ce0f6c94f57f70f9f81f68db77d7afd672c36b264f1b7c57e7
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c87c5f31e6467e8c29921a1041c879800169e3ee13b6c417a4f900fc38fbf22a
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccedc0c47fe7aca129612a8d49ee5075421cb62b7bc51f90d42c935d27371ac2
cd015e20f539f3367dcd50dd2819bb137f0d907c720862ff715946065d5a87b4
cd7bf462b6cfc23a7f953c929ab7323ebd138557eb332e986880738ae877bb76
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1afb0b79686cdb9f92bb2da36ae6b9ab8b9134a4ad0aa749f42d0b46acbc134
d2d1aa1a49547256055a390968012f7434244d179afa7199441d3863169830d7
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dd0b4d3d4d051f94f33a8bd47fedd54ceed1066e0efb17fc0d3ebca003491310
dfbae21e5eb164e33321ed1ae74d223ea0668e98601d9fff68674d07019da643
e13fe27c71bb18d6bca0331a56765248d042a7cdf824461ac6b05c1bf30f47ee
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e08d50474bccb1997f8f319aaf608fc763e678bbed630209852b0289704cd7
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
eb0b0004d992b2b3cdcb22482c30ebf0099dc1a9a2bea77035a6f54bd0dfe309
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ee287542771d2c48256a925dcc3a7b52c9d2b3b1c65314cb00caabe970f38f98
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eebdf1f072361b2f920598bb429d9fa13dcfb063f0267dbebf35df35dd5d7908
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f0ed5ac7b07ed001f7aa1a50ebf555ee50e64b8cedbeec0381fe2258e49cca79
f1f7192930b6b59081b2ccac86768dad41b51a2ab7731613eacbd9aff9ec4833
f38a2b88411c654b2ceca44317e38678370b4bcf84d6af7ff02a124595047fd4
f4dab19efec14205e419d50d7d094677303225e0d603b79c59395673d5be3993
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f6e70758a795a781a44892608ef5344c8c6341c12dfa8fec6950453bcf3a0b72
f927360910160d905cdfc51574946e52162dfc2a089d6eeb938d1317a94c5d0d
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
ffaa72f10333f6bd37f8c2502986ee6b1d691219ce3d055243fd54e4da7bc96f