drd.com.br Open in urlscan Pro
177.153.49.228 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://drd.com.br/
Effective URL:
https://drd.com.br/
Submission: On January 21 via api (January 21st 2024, 3:47:22 pm UTC) from US — Scanned from DE

Summary HTTP 469 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 76 IPs in 11 countries across 64 domains to perform 469 HTTP transactions. The main IP is 177.153.49.228, located in Brazil and belongs to Locaweb Servicos de Internet SA, BR. The main domain is drd.com.br.
TLS certificate: Issued by R3 on January 13th 2024. Valid for: 3 months.

This is the only time drd.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	177.153.49.228 177.153.49.228	27715 (Locaweb S...) (Locaweb Servicos de Internet SA)
6	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
97	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	190.89.238.88 190.89.238.88	28209 (Under Ser...) (Under Servicos de Internet Ltda)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:de0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:bf59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	170.81.43.202 170.81.43.202	266400 (Ferenz Ne...) (Ferenz Networks)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:599a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	52.222.139.110 52.222.139.110	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1 64	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 9	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:b07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	135.148.100.137 135.148.100.137	16276 (OVH) (OVH)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:160e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
12 32	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:3295:f713:9e96:927c	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 4	2.19.85.30 2.19.85.30	16625 (AKAMAI-AS) (AKAMAI-AS)
5 11	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 6	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
1 4	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
1 2	52.18.204.174 52.18.204.174	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	13.41.170.8 13.41.170.8	16509 (AMAZON-02) (AMAZON-02)
1	23.192.250.178 23.192.250.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	54.220.183.228 54.220.183.228	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	5.196.111.69 5.196.111.69	16276 (OVH) (OVH)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:c400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
8	2600:1f18:1ac... 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.57.164.72 52.57.164.72	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	35.214.184.99 35.214.184.99	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.124.237.235 3.124.237.235	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	18.171.41.162 18.171.41.162	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:400e:c07::5e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:24::a	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
469	76

27 177.153.49.228 (Brazil) 1 redirects

ASN27715 (Locaweb Servicos de Internet SA, BR)
PTR: vpshost7047.publiccloud.com.br

drd.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

97 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.89.238.88 (Brazil)

ASN28209 (Under Servicos de Internet Ltda, BR)
PTR: br204.serverdo.in

tags.juicebarads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

code.responsivevoice.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:de0 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.horoscopovirtual.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:bf59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 170.81.43.202 (Xaxim, Brazil)

ASN266400 (Ferenz Networks, BR)
PTR: rw.servidoresbrasil.com

fb.radiosnaweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:599a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-110.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 135.148.100.137 (United States)

ASN16276 (OVH, FR)
PTR: wz3.dnip.com.br

5a2b083e9f360.streamlock.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:160e (United States)

ASN13335 (CLOUDFLARENET, US)

tags.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tt-11382-4.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.169.24 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 216.58.206.34 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:3295:f713:9e96:927c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.243 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.85.30 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-85-30.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.64.151.101 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.153 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.52.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal900020.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.204.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-204-174.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.41.170.8 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-170-8.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.250.178 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-250-178.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.183.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-183-228.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.196.111.69 (Lille, France)

ASN16276 (OVH, FR)
PTR: ip69.ip-5-196-111.eu

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:c400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.164.72 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.6 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.99 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 99.184.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.237.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-237-235.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.171.41.162 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-171-41-162.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400e:c07::5e (The Dalles, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:24::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5edndr.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
97	wp.com i0.wp.com — Cisco Umbrella Rank: 3696	3 MB
83	googlesyndication.com d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 356	477 KB
69	doubleclick.net 15 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 309589 pubads.g.doubleclick.net — Cisco Umbrella Rank: 415	412 KB
40	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	626 KB
27	drd.com.br 1 redirects drd.com.br	2 MB
20	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 adservice.google.com — Cisco Umbrella Rank: 98	70 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	221 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	105 KB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	7 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490	8 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	727 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	379 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal900020.redintelligence.net — Cisco Umbrella Rank: 221315	55 KB
8	streamlock.net 5a2b083e9f360.streamlock.net	123 KB
7	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 77191 d.tailtarget.com — Cisco Umbrella Rank: 85710 b.t.tailtarget.com — Cisco Umbrella Rank: 67257 tt-11382-4.seg.t.tailtarget.com — Cisco Umbrella Rank: 325408 t.tailtarget.com — Cisco Umbrella Rank: 22918	23 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	42 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	104 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	56 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1376	904 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
4	radiosnaweb.com fb.radiosnaweb.com	4 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	19 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 41332	1013 B
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 707	976 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 583	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6518	579 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 671	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	2 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	207 B
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	89 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	960 B
2	360yield.com match.360yield.com — Cisco Umbrella Rank: 1918	397 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1946	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	322 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	94 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 681 script.hotjar.com — Cisco Umbrella Rank: 996	59 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4534 forms.hscollectedforms.net — Cisco Umbrella Rank: 4621	26 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2407 js-na1.hs-scripts.com — Cisco Umbrella Rank: 6564	2 KB
1	googlevideo.com rr5---sn-4g5edndr.googlevideo.com — Cisco Umbrella Rank: 65984	1 MB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 381	616 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 805	166 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 897	411 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	554 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 53518	611 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	187 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	3 KB
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	464 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16092	702 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 148117	923 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	715 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 738	98 B
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2301	1 KB
1	denakop.com tags.denakop.com — Cisco Umbrella Rank: 207778	101 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4278	1016 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2148	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2120	21 KB
1	horoscopovirtual.com.br widget.horoscopovirtual.com.br	1 KB
1	responsivevoice.org code.responsivevoice.org — Cisco Umbrella Rank: 42529	23 KB
1	juicebarads.com tags.juicebarads.com	22 KB
469	64

	Domain	Requested by
97	i0.wp.com	drd.com.br
51	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com drd.com.br d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com www.gstatic.com pagead2.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com www.googletagservices.com
40	s0.2mdn.net	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com drd.com.br imasdk.googleapis.com s0.2mdn.net
32	cm.g.doubleclick.net	12 redirects d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com googleads.g.doubleclick.net
27	drd.com.br	1 redirects drd.com.br
24	tpc.googlesyndication.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com drd.com.br googleads.g.doubleclick.net imasdk.googleapis.com
13	googleads.g.doubleclick.net	1 redirects d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com pagead2.googlesyndication.com
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
9	fundingchoicesmessages.google.com	tags.juicebarads.com
9	securepubads.g.doubleclick.net	tags.juicebarads.com securepubads.g.doubleclick.net
9	www.google.com	2 redirects drd.com.br d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com tpc.googlesyndication.com
9	www.googletagmanager.com	drd.com.br tags.juicebarads.com www.googletagmanager.com adv.office-partner.de
8	dt.adsafeprotected.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
8	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
8	5a2b083e9f360.streamlock.net	cdn.jsdelivr.net
7	www.gstatic.com	drd.com.br d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
6	ad.doubleclick.net	1 redirects d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com drd.com.br 8019191.fls.doubleclick.net
6	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	fonts.googleapis.com	drd.com.br d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com hal900020.redintelligence.net
5	cdn.ampproject.org	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
4	cdnjs.cloudflare.com	s0.2mdn.net
4	hal900020.redintelligence.net	1 redirects d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com hal900020.redintelligence.net
4	hal9000.redintelligence.net	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com hal900020.redintelligence.net
4	sync.teads.tv	2 redirects d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
4	www.googletagservices.com	drd.com.br d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fb.radiosnaweb.com	drd.com.br fb.radiosnaweb.com cdn.jsdelivr.net
3	csi.gstatic.com	imasdk.googleapis.com
3	pubads.g.doubleclick.net	imasdk.googleapis.com
3	pv.medialead.de	hal900020.redintelligence.net
3	onetag-sys.com	2 redirects d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
3	c1.adform.net	3 redirects
3	imasdk.googleapis.com	tags.juicebarads.com imasdk.googleapis.com
3	www.google.de	drd.com.br
2	ade.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	ap.lijit.com	2 redirects
2	pm.w55c.net	2 redirects
2	dclk-match.dotomi.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
2	8019191.fls.doubleclick.net	1 redirects d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
2	static.adsafeprotected.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	drd.com.br
2	ssbsync.smartadserver.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	match.360yield.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects drd.com.br
2	e.dlx.addthis.com	2 redirects
2	b.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	drd.com.br d.tailtarget.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.jsdelivr.net	fb.radiosnaweb.com
2	connect.facebook.net	drd.com.br connect.facebook.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
1	rr5---sn-4g5edndr.googlevideo.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	x.bidswitch.net	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
1	secure.adnxs.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
1	csync.loopme.me	1 redirects
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	pixel-sync.sitescout.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
1	cdn.track.production.webgains.team	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	cms.quantserve.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
1	www.awin1.com	hal900020.redintelligence.net
1	track.webgains.com	drd.com.br
1	adv.office-partner.de	hal900020.redintelligence.net
1	dis.criteo.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	id.rlcdn.com	d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
1	t.tailtarget.com
1	tt-11382-4.seg.t.tailtarget.com	d.tailtarget.com
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	tags.denakop.com	tags.juicebarads.com
1	tags.t.tailtarget.com	drd.com.br
1	www.facebook.com	drd.com.br
1	forms.hsforms.com	drd.com.br
1	script.hotjar.com	static.hotjar.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-scripts.com	drd.com.br
1	widget.horoscopovirtual.com.br	drd.com.br
1	code.responsivevoice.org	drd.com.br
1	tags.juicebarads.com	drd.com.br
469	93

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
www.youtube.com
classificados.drd.com.br
www.facebook.com

Subject Issuer	Validity	Valid
drd.com.br R3	`2024-01-13` - `2024-04-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
www.tags.juicebarads.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-10` - `2024-08-11`	a year	crt.sh
responsivevoice.org E1	`2023-12-16` - `2024-03-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
fb.radiosnaweb.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-30` - `2024-01-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
5a2b083e9f360.streamlock.net Sectigo RSA Domain Validation Secure Server CA	`2023-12-08` - `2024-12-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
denakop.com Cloudflare Inc ECC CA-3	`2024-01-17` - `2024-12-31`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh

This page contains 33 frames:

Primary Page: https://drd.com.br/
Frame ID: 748590F146BA5E84EF109ED2BFBF064E
Requests: 202 HTTP requests in this frame

Frame: https://fb.radiosnaweb.com/hls/player.php?dnipf=5a2b083e9f360.streamlock.net&canal=imparsomhd&canal2=imparsomhd&wowza=0&lar=320&alt=42&tipo=3&autostart=true&mute=50&nome=imparsomhd
Frame ID: 0D131A4E44B6F93B34536427B97FEBDB
Requests: 5 HTTP requests in this frame

Frame: https://fb.radiosnaweb.com/hls/player.php?dnipf=5a2b083e9f360.streamlock.net&canal=ibiturunafm&canal2=ibiturunafm&wowza=0&lar=320&alt=42&tipo=3&autostart=true&mute=50&nome=ibiturunafm
Frame ID: 635A8718CC43EF07659421F7FFE4B4B8
Requests: 10 HTTP requests in this frame

Frame: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E0D41F36632E5B461B2849EFB9362857
Requests: 1 HTTP requests in this frame

Frame: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F62893FE60F43F67CE8DD91AB2F00E68
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0DACB3D6C5984D05C937F8457AE62E28
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AB72C8417CAFC4285D957F6909519394
Requests: 2 HTTP requests in this frame

Frame: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0DBE43351117BF2AD15E1C7DECE50D26
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: 308A60218F7B3D11E109F0224D549CE5
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF5078CD11E54EC6BED9C7A2C0FA8AA5
Requests: 9 HTTP requests in this frame

Frame: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5AA25A4F886749B21620695A330A00A
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: D08B07D95D0EEF53529C87E947351E88
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUCJywOBVck4Nq2n2jt_Ea0hRcctao-ppl1iizdLhI3ISnreFNWHrPzc58S5dH5uvHHH6IHOcLQv3NjPr28nnywqXBFZWDpYyt6dCDiBS79d5iHKFS_ci2OvtvjhEqK7VYyMX_N_gCG_5RKXFuKE4QCvyX_sUVReh7iHlBx0H5CzbtDd38
Frame ID: AA1B0DFBCA4242705677A825EE12AF19
Requests: 5 HTTP requests in this frame

Frame: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B2C160FC7D7EC1F84DCB84DBA0AE4218
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 00CDE85864EFC775DC04D24F5F624F6B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKS61YACMAE&v=APEucNXiAWnQtZBl8kiVXZ2rm-ck-_ynWp5LA66zhnKhTFaY1LY-XYoiXlB0E2trKkjearVD8gdxdTBuRVGyxsI85v9SbO19owZobsR4EUlvhc0ZljptYbRlP2N92rJPT86UONKGhUyJ-gPlszJFcBJEXa7nqS2d7s84WeEsgH0mODpw0sTAS9k
Frame ID: 9E7B130737DB29ECB1BD2ACFFEA2EE88
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02E67243E11DD43FA691D19958668790
Requests: 9 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 061B8CD42F14BEBE722B2B9A8AF251B4
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=12715100096253504444550012576020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 6F151C27B4FC44E005F18766A9AD90C7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Frame ID: B6064E11D0311B570128D12DA1D928B4
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0654C1B99EDD996C38E28EEA42270EEB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7CECEC6D520D514E4325F214F5AE9D87
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
Frame ID: F40221BA0163D32CD6FD6838F5FD3D33
Requests: 15 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7AA3DB02F6B228B9F13CCB0B681B5180
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKPO_oTq7oMDFZzt9QIdNe8JmQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919
Frame ID: F74FFFB32641999872C70D22C7D878B9
Requests: 3 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=12715100096253504444550012576020&a=f812538b
Frame ID: 828B6E2A3544A1D0B883283491AF8A1E
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 231545E8D169B8EE0BB038FFE81BCE3A
Requests: 9 HTTP requests in this frame

Frame: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CD440549251F48A5A683CE2A0059826E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUtccUN3rtuGRgD_-sZL2eGaU3LoFZhryL0U1b6s2NIc6Qo0o0Q5IdjFUNdYd-dMzVmhK3xLaez5MTo_9fSj5X2a1c_Go3njFXJ_cYQoUdoJ31mqbfDMinugJoWXP2yuobcpRWB6rXoYWv_avNQUi4ptv5RLVdNOj-6L5Pp7pD6enBQbWs
Frame ID: 0AC9CDEE2870B30E82D1E45D276188FA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C4C7ACCEF24834F164084A5C6872A15E
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Frame ID: ABB2B78A001237895502D8A238B9C728
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6917AF97731065D31D6924A13BA2C358
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: FB10462E6851EAAC8DCDA68D2DF00AFB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DRD - Diário do Rio Doce

Page URL History Show full URLs

http://drd.com.br/ HTTP 301
https://drd.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

469
Requests

93 %
HTTPS

48 %
IPv6

64
Domains

93
Subdomains

76
IPs

11
Countries

10678 kB
Transfer

18442 kB
Size

74
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/diarioriodoce
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/diarioriodoce
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@diarioriodoce1461
Title: Youtube

Search URL Search Domain Scan URL

URL: https://classificados.drd.com.br/
Title: CLASSIFICADOS

Search URL Search Domain Scan URL

URL: https://www.facebook.com/diarioriodoce
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCiBDTNFCVhIT6oqQ0qPtjhw
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://drd.com.br/ HTTP 301
https://drd.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/585138387/?random=898097351&cv=11&fst=1705852031701&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830314507&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdrd.com.br%2F&label=5YDxCI6xpN8BENOBgpcC&hn=www.googleadservices.com&frm=0&tiba=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&value=0&auid=1278253825.1705852032&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=fzytZZmiL4mVxdwP9omtgAU&sscte=1&crd=CIO9sQI&eitems=ChAIgJ6zrQYQzvjBi52U5d9VEh0AcZnPSYM8opiq6GX-aVDo29vv4OmFIPqa_lqGhw&pscrd=Ek5DaEFJZ0o2enJRWVE3clhpbk9Ubnlad0NFaVlBM2Q0SFpBOC1tNk94UkdzTHZqSGFjV1VCYjl5Y2xRSEp6SDRZYmIwRm9hV3U2WlJiSlEaWkNoRUlnSjZ6clFZUW5jZVJ0Y25ZbnBmQ0FSSXVBQWhMRU5zTE5DLXpzLXdWQjlQRHYyd1otT2NVMHQtTTQ2VU1XREhfRUtiUFJkYktQWHNLSVQ4d0ppM1JQZyITCNndkoPq7oMDFYlKkQUd9kQLUA HTTP 302
https://www.google.com/pagead/1p-conversion/585138387/?random=898097351&cv=11&fst=1705852031701&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830314507&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdrd.com.br%2F&label=5YDxCI6xpN8BENOBgpcC&hn=www.googleadservices.com&frm=0&tiba=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&value=0&auid=1278253825.1705852032&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=Ek5DaEFJZ0o2enJRWVE3clhpbk9Ubnlad0NFaVlBM2Q0SFpBOC1tNk94UkdzTHZqSGFjV1VCYjl5Y2xRSEp6SDRZYmIwRm9hV3U2WlJiSlEaWkNoRUlnSjZ6clFZUW5jZVJ0Y25ZbnBmQ0FSSXVBQWhMRU5zTE5DLXpzLXdWQjlQRHYyd1otT2NVMHQtTTQ2VU1XREhfRUtiUFJkYktQWHNLSVQ4d0ppM1JQZyITCNndkoPq7oMDFYlKkQUd9kQLUA&is_vtc=1&ocp_id=fzytZZmiL4mVxdwP9omtgAU&cid=CAQSGwAvHhf_GqzPTMwL95jDfwTgDxhIQpium7sWsA&eitems=ChAIgJ6zrQYQzvjBi52U5d9VEh0AcZnPSSwBynXbKXy7O56DjL2soIpilHaMhBF8Vw&random=2483595016 HTTP 302
https://www.google.de/pagead/1p-conversion/585138387/?random=898097351&cv=11&fst=1705852031701&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830314507&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdrd.com.br%2F&label=5YDxCI6xpN8BENOBgpcC&hn=www.googleadservices.com&frm=0&tiba=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&value=0&auid=1278253825.1705852032&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=Ek5DaEFJZ0o2enJRWVE3clhpbk9Ubnlad0NFaVlBM2Q0SFpBOC1tNk94UkdzTHZqSGFjV1VCYjl5Y2xRSEp6SDRZYmIwRm9hV3U2WlJiSlEaWkNoRUlnSjZ6clFZUW5jZVJ0Y25ZbnBmQ0FSSXVBQWhMRU5zTE5DLXpzLXdWQjlQRHYyd1otT2NVMHQtTTQ2VU1XREhfRUtiUFJkYktQWHNLSVQ4d0ppM1JQZyITCNndkoPq7oMDFYlKkQUd9kQLUA&is_vtc=1&ocp_id=fzytZZmiL4mVxdwP9omtgAU&cid=CAQSGwAvHhf_GqzPTMwL95jDfwTgDxhIQpium7sWsA&eitems=ChAIgJ6zrQYQzvjBi52U5d9VEh0AcZnPSSwBynXbKXy7O56DjL2soIpilHaMhBF8Vw&random=2483595016&ipr=y

Request Chain 216

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 262

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRjPuP19qv3BPWOggtZPXpIk5cW9o3V2jfpWxOcG-A2bH1PgF10CyIWZWJWj1YWPCfWkRBZOXzmxV3rleQJm1gwnSEddst5VVnm&google_gid=CAESEChNMHtv1m7MfWh16b2wzP8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRjPuP19qv3BPWOggtZPXpIk5cW9o3V2jfpWxOcG-A2bH1PgF10CyIWZWJWj1YWPCfWkRBZOXzmxV3rleQJm1gwnSEddst5VVnm&google_gid=CAESEChNMHtv1m7MfWh16b2wzP8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMjExNTQ3MTQwMDAxMzAxMzA0MzI0Ng%3D%3D&google_push=AXcoOmRjPuP19qv3BPWOggtZPXpIk5cW9o3V2jfpWxOcG-A2bH1PgF10CyIWZWJWj1YWPCfWkRBZOXzmxV3rleQJm1gwnSEddst5VVnm

Request Chain 263

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIr5uiASBRXEuTQF5-7zDUg&google_cver=1&google_push=AXcoOmSTpxlP5tU74A6woZGoZjenK_Ham8PvMU1XPUbjNLNZZ_PkhlNnhumKmMqIhmPMkzfvAcssLh-1-FH6yd9xzkiR8DqZis0ugSmu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSTpxlP5tU74A6woZGoZjenK_Ham8PvMU1XPUbjNLNZZ_PkhlNnhumKmMqIhmPMkzfvAcssLh-1-FH6yd9xzkiR8DqZis0ugSmu&google_hm=eS1JWjlmbU1sRTJwSDN2TGRFNnBncDVsXy5OSE1CX2Nmbn5B

Request Chain 264

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDj9W_0Lc2E--YmsClTGjF4&google_cver=1&google_push=AXcoOmQosjTrcAF8k6Cv8tz910u05YOqBmJYDLrHVT1aVrqggb5kadi-ceDcW8Nst-nbhfjAVQALkjeuguQtUIEtTQwNpyU5KROxr6A HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDj9W_0Lc2E--YmsClTGjF4&google_cver=1&google_push=AXcoOmQosjTrcAF8k6Cv8tz910u05YOqBmJYDLrHVT1aVrqggb5kadi-ceDcW8Nst-nbhfjAVQALkjeuguQtUIEtTQwNpyU5KROxr6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM1MDQ3MjAxMDkxOTMwOTIz&google_push=AXcoOmQosjTrcAF8k6Cv8tz910u05YOqBmJYDLrHVT1aVrqggb5kadi-ceDcW8Nst-nbhfjAVQALkjeuguQtUIEtTQwNpyU5KROxr6A

Request Chain 266

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGkW6T9qxlmBHROW7JeTWzE&google_cver=1&google_push=AXcoOmQNp9OBOQPfbCzbYIFUlM9t-j6Hn3bGpMWkW8zBIhV5cbgv7MaSPbB55SPL5nNHy1N3RbHDmZkZpKvv0FQ-BHoAmVl5xO0iKHAJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNp9OBOQPfbCzbYIFUlM9t-j6Hn3bGpMWkW8zBIhV5cbgv7MaSPbB55SPL5nNHy1N3RbHDmZkZpKvv0FQ-BHoAmVl5xO0iKHAJ

Request Chain 267

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBRnz3WlwlqNU-fpHrkcSMc&google_cver=1&google_push=AXcoOmRl_5CqP90AlCmqcILlMSO9SODLz09DbwPymEZdP8lm0THIzbl-UkTFuV9KNAJQ1sVZVIH5PQjrVD9avnf0HL1NAKtrdpGfW13WdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRl_5CqP90AlCmqcILlMSO9SODLz09DbwPymEZdP8lm0THIzbl-UkTFuV9KNAJQ1sVZVIH5PQjrVD9avnf0HL1NAKtrdpGfW13WdA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjofm3ogp7VDsQwJAJxX8s&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjofm3ogp7VDsQwJAJxX8s&google_cver=1&C=1

Request Chain 279

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za08ggqMs65YwVkv8aYhPwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjofm3ogp7VDsQwJAJxX8s&google_cver=1

Request Chain 280

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDbwkcgKdm_sZmjudz8lCNA&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDbwkcgKdm_sZmjudz8lCNA%26google_cver%3D1

Request Chain 281

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D

Request Chain 298

https://hal900020.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=720x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCTfLgjytZaH3CfSi7_UPhuOKmA2m5b2gaYWVnKfJD_AuEAEg1s63TmCVgoCAoAfIAQmpAp2Ka-hlSLI-qAMByAObBKoElAJP0HjTBxFwxQj8TaFisDC1HJXRzCj55YSdbemOE13fvrLqBCME6_nFFEG4Qn6d5L0Q0SchY9dyJSs_ynhw08pdgmfJ4dtew_XGLCvYbcz7xchI1TqVHY5d4MjtETabdc6t-Q5mXrot6A28YN2lnM4JwcUu4IaL2cg-dW8RBYHgdeYiFfbEuZoQQbEVAfOuirPXzL7PUGy8-nqBny2PsjfEKTPfZ3xpv4ApySGYDnhXCtBEvnfUG0wlAQCMLuZXi1DXe5A0GgA6SfDrHlSRQN-m3pW876pFxGqHWfFkbCcnjV37Yz78sHU7cm9ja4Y0Q3eraz7NUQv_FNYmO5E1Y-E5Q9HaHnViGW1ODSZh3sAIKORwpGnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtbr4g-rugwOACgOYCwHICwGADAGqDQJEReINEwiP6_iD6u6DAxV00bsIHYaxAtOwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE%26sig%3DAOD64_0yAXl-Ur5BTqbqrhYyIp-p0LyMUA%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-Bh5Uxki37hsPIV4FArsozG8OzY_Yg5KrPSe6GFl75b8H2V37wD0SCmmhCxV8QgxtE8UQPXNViP1CiryFwc1THK1Ps_d-yNfxiYMWmWDs6BPB2iJq5prGySDahG9uFT5sr7afvt0KQf8IWFT5wN-Bip3qlKn-7AsX5OBchYD4S8MjpqcH4%26cry%3D1%26dbm_d%3DAKAmf-CIEWyqD1pydJU2andmLe3Do7oyP1PMFtvcxCnjxf5JxG_m8mqTp6-dVDrAtubKvSv5eQy6W0jQ7AAFjQS2XywrlCdakezSk7RGbh37nQxubifTELxKHuPlwnL4S5UDxqVO6X7wmUD5MYnW6WVXE7qX-zM235d8Gh3hQ31lrRvmubluqRf3WA1tycKKMbii02OmyoxFP03cbWuCUmNz2KUg7-_tPVtkOGvc6df5nOpA2ioJi_L06Q2yj9Ft07SLRn0Nqc7v6Gbuaa0FrtAXuaSug3j0eWOjAIHncfd55If1zCWdmUlO_pwSM2kJhCwTT-vJYhM86Ect0dWCPw5swNs_ZWpsI3XS6ZQr6GTc4btdzW43BUQHbtJd3u8OrqX5g3F6Y1QDTNcnbEjC06Lk05JhEi4b-jCNDirOsX2w44NIXZeptqKfPi5fAhd-ugFmiGA6pL1BVLWD2t4JEuOXrSU_IK6Zt9EDpWwwK1JOKLUO18JDlHce7Juj7tXgvuBpjhi3n9y3vlnn_FQXJYIGrh0wDWwzQWlqZ81yGFaesRJYB_65LO4%26adurl%3D&documentReferer=https%3A%2F%2Fdrd.com.br%2F&ancestorOrigins=https%3A%2F%2Fdrd.com.br&random=6840927307984&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900020.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=720x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCTfLgjytZaH3CfSi7_UPhuOKmA2m5b2gaYWVnKfJD_AuEAEg1s63TmCVgoCAoAfIAQmpAp2Ka-hlSLI-qAMByAObBKoElAJP0HjTBxFwxQj8TaFisDC1HJXRzCj55YSdbemOE13fvrLqBCME6_nFFEG4Qn6d5L0Q0SchY9dyJSs_ynhw08pdgmfJ4dtew_XGLCvYbcz7xchI1TqVHY5d4MjtETabdc6t-Q5mXrot6A28YN2lnM4JwcUu4IaL2cg-dW8RBYHgdeYiFfbEuZoQQbEVAfOuirPXzL7PUGy8-nqBny2PsjfEKTPfZ3xpv4ApySGYDnhXCtBEvnfUG0wlAQCMLuZXi1DXe5A0GgA6SfDrHlSRQN-m3pW876pFxGqHWfFkbCcnjV37Yz78sHU7cm9ja4Y0Q3eraz7NUQv_FNYmO5E1Y-E5Q9HaHnViGW1ODSZh3sAIKORwpGnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtbr4g-rugwOACgOYCwHICwGADAGqDQJEReINEwiP6_iD6u6DAxV00bsIHYaxAtOwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE%26sig%3DAOD64_0yAXl-Ur5BTqbqrhYyIp-p0LyMUA%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-Bh5Uxki37hsPIV4FArsozG8OzY_Yg5KrPSe6GFl75b8H2V37wD0SCmmhCxV8QgxtE8UQPXNViP1CiryFwc1THK1Ps_d-yNfxiYMWmWDs6BPB2iJq5prGySDahG9uFT5sr7afvt0KQf8IWFT5wN-Bip3qlKn-7AsX5OBchYD4S8MjpqcH4%26cry%3D1%26dbm_d%3DAKAmf-CIEWyqD1pydJU2andmLe3Do7oyP1PMFtvcxCnjxf5JxG_m8mqTp6-dVDrAtubKvSv5eQy6W0jQ7AAFjQS2XywrlCdakezSk7RGbh37nQxubifTELxKHuPlwnL4S5UDxqVO6X7wmUD5MYnW6WVXE7qX-zM235d8Gh3hQ31lrRvmubluqRf3WA1tycKKMbii02OmyoxFP03cbWuCUmNz2KUg7-_tPVtkOGvc6df5nOpA2ioJi_L06Q2yj9Ft07SLRn0Nqc7v6Gbuaa0FrtAXuaSug3j0eWOjAIHncfd55If1zCWdmUlO_pwSM2kJhCwTT-vJYhM86Ect0dWCPw5swNs_ZWpsI3XS6ZQr6GTc4btdzW43BUQHbtJd3u8OrqX5g3F6Y1QDTNcnbEjC06Lk05JhEi4b-jCNDirOsX2w44NIXZeptqKfPi5fAhd-ugFmiGA6pL1BVLWD2t4JEuOXrSU_IK6Zt9EDpWwwK1JOKLUO18JDlHce7Juj7tXgvuBpjhi3n9y3vlnn_FQXJYIGrh0wDWwzQWlqZ81yGFaesRJYB_65LO4%26adurl%3D&documentReferer=https%3A%2F%2Fdrd.com.br%2F&ancestorOrigins=https%3A%2F%2Fdrd.com.br&random=6840927307984&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 300

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKpHFVG712kTlRRzjp7-z8g&google_cver=1

Request Chain 301

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za08ggqMs65YwVkv8aYhPwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKpHFVG712kTlRRzjp7-z8g&google_cver=1

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELe-wr-VkitEZJIhjNrTTbk&google_cver=1

Request Chain 303

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D

Request Chain 327

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGMFWWvuEaqIn_Kkid8Lfrg&google_cver=1&google_push=AXcoOmQTNGrBGxl_WOrXH_jEyNjH5wuf_JQjAus082sX9CGTN3_zL8NUZ0M4ER2IwqG2t8E2XPHmv7eHgFHZimMy6NXxIwKlxwXRUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM1MDQ3MjAxMDkxOTMwOTIz&google_push=AXcoOmQTNGrBGxl_WOrXH_jEyNjH5wuf_JQjAus082sX9CGTN3_zL8NUZ0M4ER2IwqG2t8E2XPHmv7eHgFHZimMy6NXxIwKlxwXRUQ

Request Chain 329

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN4DcNgHtKl0yd7Kk-WlOu4&google_cver=1&google_push=AXcoOmRWzPwY9ZpS9FExJ_x_leDgSHLj3oxtnB-FJ3J24W7sK6XNUO_qF_-fOnzO2gPUZh4f6oeYnkFNIqLhg5-2NeTqiE7OuhAL1A HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRWzPwY9ZpS9FExJ_x_leDgSHLj3oxtnB-FJ3J24W7sK6XNUO_qF_-fOnzO2gPUZh4f6oeYnkFNIqLhg5-2NeTqiE7OuhAL1A&google_gid=CAESEN4DcNgHtKl0yd7Kk-WlOu4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0OTAzOTczOTY1NTQ3NzczNjM2Ng%3D%3D&google_push=AXcoOmRWzPwY9ZpS9FExJ_x_leDgSHLj3oxtnB-FJ3J24W7sK6XNUO_qF_-fOnzO2gPUZh4f6oeYnkFNIqLhg5-2NeTqiE7OuhAL1A

Request Chain 331

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH5q3RYZ78uTdCE0FVuQWFU&google_cver=1&google_push=AXcoOmT428Hu-U6PTSAYA6WqbYH1MpY0Hzpg2KQoN9xsQsLHMXucHAJth8tpyDB7L74eZ5e7_HFkTG-2ugqw1hxRhSp4HlAAlIIGVYM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT428Hu-U6PTSAYA6WqbYH1MpY0Hzpg2KQoN9xsQsLHMXucHAJth8tpyDB7L74eZ5e7_HFkTG-2ugqw1hxRhSp4HlAAlIIGVYM HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 332

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKGTDZrvBghxx2i9b3ZVZN4&google_cver=1&google_push=AXcoOmSWSQFH-buhwRRMM9RgbX1PX-soRD3IkohOmbdoZpuCaYXspYNzsD-qKFR4UhNjrI4ob8qXivvSh_JxVOIR8nqfEkdYqiY0Jig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSWSQFH-buhwRRMM9RgbX1PX-soRD3IkohOmbdoZpuCaYXspYNzsD-qKFR4UhNjrI4ob8qXivvSh_JxVOIR8nqfEkdYqiY0Jig HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 351

https://fw.adsafeprotected.com/rfw/st/1874223/77019492/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2845463438153782&ias_chanId=1&ias_placementId=20843742424&bidurl=https://drd.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hTwsstpJhB9K6YR9fJuLWF&adContainerId=brand_safety_gjytZdmnO6CWx_AP966o0A0&cbFunctionName=goog_wrapCb_gjytZdmnO6CWx_AP966o0A0&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fdrd.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fdrd.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:adf13e6d-42d5-1e33-d7f9-21ee6e9779b1,c:1X25Kl,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-vs4xd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:u20RipH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1874223-77019492%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g1%7C1g2,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:54,oid:596ff2c5-b874-11ee-8f39-267699fbbde1,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_gjytZdmnO6CWx_AP966o0A0&cbFunctionName=goog_wrapCb_gjytZdmnO6CWx_AP966o0A0&true_pb=

Request Chain 353

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKPO_oTq7oMDFZzt9QIdNe8JmQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919

Request Chain 382

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJT4cw971oQHqtnobKOZaqo&google_cver=1&google_push=AXcoOmTWYWGAv_lcxHldysTuq4DscffG_i12spgLZlnMDXttZkVsmBIX8XoZtpwTweWglbDKtfVTTJqEmzMKgT-bknwMssQQofH4 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJT4cw971oQHqtnobKOZaqo&google_cver=1&google_push=AXcoOmTWYWGAv_lcxHldysTuq4DscffG_i12spgLZlnMDXttZkVsmBIX8XoZtpwTweWglbDKtfVTTJqEmzMKgT-bknwMssQQofH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a0JWUHoyRTgxUnJBMnY1&google_gid=CAESEJT4cw971oQHqtnobKOZaqo&google_cver=1&google_push=AXcoOmTWYWGAv_lcxHldysTuq4DscffG_i12spgLZlnMDXttZkVsmBIX8XoZtpwTweWglbDKtfVTTJqEmzMKgT-bknwMssQQofH4

Request Chain 384

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEF-QV8TOlw7EHDaaIZtGePw&google_cver=1&google_push=AXcoOmTyjHfUaCTsBEOHMDvqwXep2kBsVT97IVQ4eRyqq18gAGy0Owziw4MQy4yYNO4UUQgArBmc9ZNT-W6pEzkduwzwj7ZEdXUK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTyjHfUaCTsBEOHMDvqwXep2kBsVT97IVQ4eRyqq18gAGy0Owziw4MQy4yYNO4UUQgArBmc9ZNT-W6pEzkduwzwj7ZEdXUK&google_hm=2KAWuBwQRsOIj6meCO1qn_g

Request Chain 385

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMWAofKcdorajWg60gy8bgo&google_cver=1&google_push=AXcoOmS2cPhJPwjV_l5x3_kHYyLHHR7d6aJXOGrHASISFS1jDdL16fH--Mun20UUzCdJy4FWtlb3W6bWPM0MbdlsFFjGkNga6fzI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=G9Nryq7hRJwYNJ0Bjbplkw&google_push=AXcoOmS2cPhJPwjV_l5x3_kHYyLHHR7d6aJXOGrHASISFS1jDdL16fH--Mun20UUzCdJy4FWtlb3W6bWPM0MbdlsFFjGkNga6fzI

Request Chain 386

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBh5p8hQro5PxYAGj1hTS8Q&google_cver=1&google_push=AXcoOmTniiKYeBTF01XzNtGXlPVR5jcqa9hF_iV47Q9w5bdKTJC6RM-3ZwLNVpRPtRm9AnClxEDGmWGfkKL7j6HNTH7F6nkiA1YU HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBh5p8hQro5PxYAGj1hTS8Q&google_cver=1&google_push=AXcoOmTniiKYeBTF01XzNtGXlPVR5jcqa9hF_iV47Q9w5bdKTJC6RM-3ZwLNVpRPtRm9AnClxEDGmWGfkKL7j6HNTH7F6nkiA1YU&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTniiKYeBTF01XzNtGXlPVR5jcqa9hF_iV47Q9w5bdKTJC6RM-3ZwLNVpRPtRm9AnClxEDGmWGfkKL7j6HNTH7F6nkiA1YU&google_hm=IB3TqGZHGmva9lx3QKKxyjfv

Request Chain 387

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEG8UrU84oJzw4PXdgCRnKGY&google_cver=1&google_push=AXcoOmS3TcA5DHS2Pdi1SLGkyOKJjvl-rhV9PlLZS_nNtmmV64XqmfGe-FXXaAjHc6PW2ujoXW9z7oHKrz0EeYx4xR50ecpO_BWUvw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ace0fe0d-94ce-492d-99fd-4244e6f87686&google_cver=1&google_gid=CAESEG8UrU84oJzw4PXdgCRnKGY&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmS3TcA5DHS2Pdi1SLGkyOKJjvl-rhV9PlLZS_nNtmmV64XqmfGe-FXXaAjHc6PW2ujoXW9z7oHKrz0EeYx4xR50ecpO_BWUvw&gdpr=${GDPR}

Request Chain 392

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlKZeDJbezBzEn2Man0Q0s&google_cver=1

Request Chain 393

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za08ggqMs65YwVkv8aYhPwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlKZeDJbezBzEn2Man0Q0s&google_cver=1

Request Chain 394

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENfMFJiJ_fkt3SvJJzj0XjY&google_cver=1

Request Chain 395

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D

Request Chain 400

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFHuunQS87xJ-OQbZq4tSEs&google_cver=1&google_push=AXcoOmTWUMZjAHffP-GZ-zaJXnwvxevDQxUfU1hVeB2Lt5FGOW2aCRuwgnktwAKG1dXMpbgqqg1EkU0mYjq9SZIyPGjJ-zzwdWQXTg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOTzlBVU0tMUotNkM2MA==&google_push=AXcoOmTWUMZjAHffP-GZ-zaJXnwvxevDQxUfU1hVeB2Lt5FGOW2aCRuwgnktwAKG1dXMpbgqqg1EkU0mYjq9SZIyPGjJ-zzwdWQXTg

Request Chain 403

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFkX5xqn4RouyGOawFB4xBU&google_cver=1&google_push=AXcoOmQxxpu4nVjDaQangIbyCAEmmm3eve305p8tVAidMjFTeq6EoXYFw-4snL3y2wSLXubJYFl9UegoyZFYPfr1NbLTzZvNJOFUVqk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D&google_gid=CAESEFkX5xqn4RouyGOawFB4xBU&google_cver=1&google_push=AXcoOmQxxpu4nVjDaQangIbyCAEmmm3eve305p8tVAidMjFTeq6EoXYFw-4snL3y2wSLXubJYFl9UegoyZFYPfr1NbLTzZvNJOFUVqk

Request Chain 457

https://ad.doubleclick.net/ddm/trackimp/N343201.127733GOOGLE-YOUTUBE/B21801157.379227102;dc_trk_aid=428992661;dc_trk_cid=107145939;ord=3660488226;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=1453024930394108447;dc_av=520;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23;tpsrc=ima HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N343201.127733GOOGLE-YOUTUBE/B21801157.379227102;dc_pre=CITN94bq7oMDFf2JgwcdO1UK5A;dc_trk_aid=428992661;dc_trk_cid=107145939;ord=3660488226;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=1453024930394108447;dc_av=520;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23;tpsrc=ima

469 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
drd.com.br/
Redirect Chain

http://drd.com.br/
https://drd.com.br/

349 KB
349 KB

657ms
234ms

Document
text/html

177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache / PHP/7.4.11
Resource Hash: af784df309613b3f0aeceef5d8277d6507a22a4fe56e5ba81cd79749861a856e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=3, must-revalidate
Connection: Keep-Alive
Content-Length: 357395
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Jan 2024 15:47:09 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding,Cookie
X-Powered-By: PHP/7.4.11

Redirect headers

Connection: close
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Jan 2024 15:47:07 GMT
Location: https://drd.com.br/
Server: Apache
Vary: Accept-Encoding,Cookie
X-Powered-By: PHP/7.4.11
X-Redirect-By: WordPress

GET
H/1.1 200
OK /
drd.com.br/_jb_static/ 1022 KB
1023 KB 1070ms
431ms Stylesheet
text/css 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/_jb_static/??-eJyVUst2wiAQ/ZuuihiNVhcev4XAaGgnwGEG0/59SWJbe4xtsuJ1HzPDlW0Q2jsGxzJgOltHMgIF78he4OKtBsHwzoK9oACga2mdxmSApKY77CLfPcsRzdZHEzKYRPAhoYp5JSapiIAHqTaEOzrX0GSnVwctSeIPvHeYCRG6tmiksXS9f1gyYH517ONtkafYo4xAy7BorJtOR1tJam2AKC+7Xmw4jaqkgF6ZW5WO0M1MrPbL7W79v68I0c8rfdz0jL5SOKfCsliv9zNb2hXFw5ZYVQh9enpKlfofhJNKyH/n4dp+/9tf/Y+2PsbqvH6m+U2fkK4JSb3xMCq+Nd5Myu2wz+iE+aUFlTG/AjrMrJM6NofiZbnZrLbltnzS1aH4BOFCemA=
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache / PHP/7.4.11
Resource Hash: 5fb45b0299dfc444ae41e8ea4ecd2058be49d4660526880c4fe972548a879221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:10 GMT
Last-Modified: Wed, 17 Jan 2024 21:21:04 GMT
Server: Apache
X-Page-Optimize: cached
X-Powered-By: PHP/7.4.11
ETag: "74d44ac8e98f78d71f51db5d678540a1"
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=31536000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98

GET
H2 200 css
fonts.googleapis.com/ 93 KB
3 KB 63ms
26ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlice%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.4.2

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7191e2857596a8ae0c05b26cae94b5f9604ba73bcd685d45897aa3578b27746

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 15:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 15:47:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 15:47:10 GMT

GET
H2 200 Zap.png
i0.wp.com/drd.com.br/wp-content/uploads/2023/04/ 6 KB
6 KB 37ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/04/Zap.png?w=303&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

75ea400c96249d6ef5fe2256943b5639110c7703dae9243a094078a9299e52c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5636
x-nc: HIT hhn 2
last-modified: Thu, 11 Jan 2024 13:12:04 GMT
server: nginx
etag: "077b5b83e5c5ae4b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/04/Zap.png>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:04 GMT

GET
H2 200 Logo-vetical-2.png
i0.wp.com/drd.com.br/wp-content/uploads/2023/04/ 12 KB
12 KB 31ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/04/Logo-vetical-2.png?fit=700%2C76&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

cd50eeb1c61edbab8b8817bb9bd24baec98e8df4fb3e0fc56a148cfd1795c878

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 11874
x-nc: HIT hhn 3
last-modified: Thu, 11 Jan 2024 13:12:06 GMT
server: nginx
etag: "9c63d7085aa91257"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/04/Logo-vetical-2.png>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:06 GMT

GET
H/1.1 200
OK widget-nav-menu.min.css
drd.com.br/wp-content/plugins/elementor-pro/assets/css/ 26 KB
26 KB 627ms
206ms Stylesheet
text/css 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: 13aeab1a9428e836ba301e52fba70d550acded1922af4b2c0d81613e869b846a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:10 GMT
Last-Modified: Tue, 02 Jan 2024 22:26:35 GMT
Server: Apache
ETag: "6760-60dfdfdc30468"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 26464

GET
H/1.1 200
OK widget-theme-elements.min.css
drd.com.br/wp-content/plugins/elementor-pro/assets/css/ 10 KB
10 KB 435ms
204ms Stylesheet
text/css 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: b8ee4ffbf13817a67eb512bbba6cb23e1bc2873661942e70fb0bccb1f2bd8fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:10 GMT
Last-Modified: Tue, 02 Jan 2024 22:26:35 GMT
Server: Apache
ETag: "26fa-60dfdfdc323a8"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9978

GET
H/1.1 200
OK widget-posts.min.css
drd.com.br/wp-content/plugins/elementor-pro/assets/css/ 14 KB
14 KB 436ms
205ms Stylesheet
text/css 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: 0627b25fc29a7eb51b5c68ff6764010a723984ab0cc6be97b30a407e00bb897c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:10 GMT
Last-Modified: Tue, 02 Jan 2024 22:26:35 GMT
Server: Apache
ETag: "374b-60dfdfdc2b648"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14155

GET
H2 200 WhatsApp-Image-2024-01-20-at-21.47.48-1.jpeg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 22 KB
23 KB 21ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-20-at-21.47.48-1.jpeg?w=720&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

54c5adcf3a31b0a17008ee0749b8fa04a48d7b026248e420ff9125d1af9f64cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 22956
x-nc: MISS hhn 2
last-modified: Sun, 21 Jan 2024 14:55:25 GMT
server: nginx
etag: "1ee6e34883fff9c5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-20-at-21.47.48-1.jpeg>; rel="canonical"
expires: Wed, 21 Jan 2026 02:55:25 GMT

GET
H2 200 WhatsApp-Image-2024-01-20-at-17.17.01-scaled.jpeg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 260 KB
261 KB 338ms
335ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-20-at-17.17.01-scaled.jpeg?resize=2048%2C1151&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

8925d5639db25fdc14101ff529500121b1b88ad7057a0361e65dfddbee17f4e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 266552
x-nc: MISS hhn 3
last-modified: Sun, 21 Jan 2024 15:47:10 GMT
server: nginx
etag: "293589a01b0008f4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-20-at-17.17.01-scaled.jpeg>; rel="canonical"
expires: Wed, 21 Jan 2026 03:47:10 GMT

GET
H2 200 Luiz-Alves-Lopes.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/01/ 2 KB
2 KB 12ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/01/Luiz-Alves-Lopes.jpg?resize=128%2C128&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

525c11557eaa192f684c9eb0c67fdb0131ed4bdadf3f458a0b6e6cd756cda597

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1592
x-nc: HIT hhn 1
last-modified: Thu, 11 Jan 2024 13:12:05 GMT
server: nginx
etag: "dbc5d6444553011c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/01/Luiz-Alves-Lopes.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:05 GMT

GET
H2 200 avatar_user_47_1705434667.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 2 KB
2 KB 33ms
31ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/avatar_user_47_1705434667.jpg?resize=128%2C128&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6ca4dd44c578646ca6723ad641fa6400f4e4850c6bb3cbe4e312388996a3c9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1892
x-nc: MISS hhn 1
last-modified: Sun, 21 Jan 2024 15:47:10 GMT
server: nginx
etag: "0903c5c373d790fa"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/avatar_user_47_1705434667.jpg>; rel="canonical"
expires: Wed, 21 Jan 2026 03:47:10 GMT

GET
H3 200 Sindijori-1-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/01/ 2 KB
3 KB 28ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/01/Sindijori-1-1.jpg?resize=128%2C128&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

dcc4bac99c459f9448c4d85df6c5b4ebf9628659e91f7ccad92d772337de846c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2256
x-nc: MISS hhn 1
last-modified: Sun, 21 Jan 2024 15:47:10 GMT
server: nginx
etag: "3651c4e7243e42e9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/01/Sindijori-1-1.jpg>; rel="canonical"
expires: Wed, 21 Jan 2026 03:47:10 GMT

GET
H3 200 Bob-Villela-2.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/01/ 1 KB
2 KB 25ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/01/Bob-Villela-2.jpg?resize=128%2C128&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b1ce3ef4b578cabb1706503e9c24ec7ab37f20fee9056e96165d8171172a134e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1458
x-nc: MISS hhn 1
last-modified: Thu, 18 Jan 2024 18:22:28 GMT
server: nginx
etag: "c4e81d9d2548a35b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/01/Bob-Villela-2.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 06:22:28 GMT

GET
H3 200 Celton-Godinho.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/01/ 2 KB
2 KB 25ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/01/Celton-Godinho.jpg?resize=128%2C128&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d783f40a433e08b796f8adc16a9c18a265237c67faa807c95617249718e9c2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2146
x-nc: MISS hhn 2
last-modified: Wed, 17 Jan 2024 16:33:46 GMT
server: nginx
etag: "4113178bd4eea11b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/01/Celton-Godinho.jpg>; rel="canonical"
expires: Sat, 17 Jan 2026 04:33:46 GMT

GET
H2 200 drd.js Show response
tags.juicebarads.com/js/ 75 KB
22 KB 673ms
216ms Script
application/javascript 190.89.238.88
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.juicebarads.com/js/drd.js?v=1705851293&ver=6.4.2

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.89.238.88 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),

Reverse DNS

br204.serverdo.in

Software

nginx /

Resource Hash

6f664b0fb3c81465f75b580bdad1257ed8c8b4d5557c58f135f5a234f8dee8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	âDENYâ
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 13:44:17 GMT
server: nginx
content-encoding: gzip
etag: W/"654a3f31-12b5e"
vary: Accept-Encoding
x-frame-options: âDENYâ
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 responsivevoice.js Show response
code.responsivevoice.org/1.8.3/ 93 KB
23 KB 70ms
19ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.responsivevoice.org/1.8.3/responsivevoice.js?source=wp-plugin&ver=6.4.2

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9240ffa48a0793a624221e13063c5c91d2e3d0098aeb15843f8204f90d74807b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' responsivevoice.com responsivevoice.org .responsivevoice.com .responsivevoice.org
X-Frame-Options	ALLOW-FROM https://responsivevoice.com https://responsivevoice.org

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
content-security-policy: frame-ancestors 'self' responsivevoice.com responsivevoice.org *.responsivevoice.com *.responsivevoice.org
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3012
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Jul 2022 17:48:23 GMT
server: cloudflare
etag: W/"62c47967-1758e"
x-frame-options: ALLOW-FROM https://responsivevoice.com https://responsivevoice.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RLLUZXSaXahT8%2Fn9PJc3qzVYtotQHdx06exWHBoeLnv4OB%2FfqqSb%2Bm2BF9SkzMZmsBJC8G%2BjMWbo%2FrkBNavDzJ9vz2Skf%2B2TLdD92wsjgKCOQH1PXmcOw1Q6ETzYjzOEo5wiIYsdgy1kUSeS7J1XozQ5Rqcpj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8490b1b6e8ee1911-FRA

GET
H/1.1 200
OK wpp.min.js Show response
drd.com.br/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
5 KB 380ms
198ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.4
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:10 GMT
Last-Modified: Thu, 09 Nov 2023 18:53:53 GMT
Server: Apache
ETag: "1194-609bcb9ae2144"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4500

GET
H/1.1 200
OK jquery.min.js Show response
drd.com.br/wp-includes/js/jquery/ 86 KB
86 KB 407ms
206ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:10 GMT
Last-Modified: Wed, 08 Nov 2023 23:12:45 GMT
Server: Apache
ETag: "15601-609ac399e7d76"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 87553

GET
H/1.1 200
OK jquery-migrate.min.js Show response
drd.com.br/wp-includes/js/jquery/ 13 KB
14 KB 207ms
205ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-includes/js/jquery/jquery-migrate.min.js?m=1691623430
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:10 GMT
Last-Modified: Wed, 09 Aug 2023 23:23:50 GMT
Server: Apache
ETag: "3509-60285c5a7dc8f"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 13577

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 88ms
34ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-M6JHD6G

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abe0f4b5d093ea88cac5ca9c8eecc60d1239b9d4a6096a6ed81227fbe9a06bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93278
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jan 2024 15:47:10 GMT

GET
H2 200 horoscopo.js Show response
widget.horoscopovirtual.com.br/js/ 1 KB
1 KB 987ms
434ms Script
application/javascript 2606:4700:20::681a:de0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.horoscopovirtual.com.br/js/horoscopo.js?background=ffffff&color=585ca9&border=ffffff&text=585ca9&font=roboto
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:de0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b903fb9e277701d1aed32bcd887e2484aaa4c17fd0e4ce5e474b32a7618ef66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 16:27:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1374
etag: W/"654a6589-55e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhDm%2FcUwL4FoVlnS7PzprY21X%2FZcI166j%2Bh89Sk2bvcXviVoNPcsX2BtyXrPTKth%2BFAUeR2kC1630MpR0SqNee2WV1NfUTQn6OojwJfkjCSNFaoykKVt8ey%2BHf0PCJq4EYYqimHTBcvoiMyYS23IQSi4NN1S2MQWpQdutw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8490b1ba0cd31c11-FRA
expires: Mon, 20 Jan 2025 15:47:11 GMT

GET
H/1.1 200
OK image-cdn.js Show response
drd.com.br/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
982 B 363ms
201ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?m=1703616522
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: 27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:10 GMT
Last-Modified: Tue, 26 Dec 2023 18:48:42 GMT
Server: Apache
ETag: "2bd-60d6e21a53c19"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 701

GET
H2 200 39934521.js Show response
js.hs-scripts.com/ 1 KB
1 KB 162ms
122ms Script
application/javascript 2606:4700::6810:bf59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/39934521.js?integration=WordPress&ver=10.2.17

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4698729152ca0e9d1076e44c473d3868a0977a5dd1552a544106d5c5efeba49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 886bdebe-6305-4f25-9cc0-f7109332e2e4
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 886bdebe-6305-4f25-9cc0-f7109332e2e4
last-modified: Sun, 21 Jan 2024 15:47:10 GMT
server: cloudflare
x-trace: 2B0693271A5B0024E3C599D3CF0E1D88889F130AB1000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://drd.com.br
x-evy-trace-virtual-host: all
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-s88lp
cf-ray: 8490b1b6de606ab8-FRA
expires: Sun, 21 Jan 2024 15:48:40 GMT

GET
H/1.1 404
Not Found theme.js
drd.com.br/wp-content/themes/jnews/dist/ 0
0 1419ms
1372ms Script
text/html 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/themes/jnews/dist/theme.js?ver=6.4.2
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache / PHP/7.4.11
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:11 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/7.4.11
Vary: Accept-Encoding,Cookie
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://drd.com.br/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK / Show response
drd.com.br/_jb_static/ 309 KB
309 KB 424ms
422ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/_jb_static/??-eJyNzkEKwjAQQNHbuLIdAqbYRXHtMWIympTMpGTGFm+vLS5EENy/Dx+WqUns8z2gwCjgCxGyNhWn/GgpcTvKHr5QLDPWM+sL/iKJ3A0lFxcwfBpftgw0Iq2ScRFwIqgCIYnCtW7i72jdUcpWYprfzYkG0/X94WhNZ3f+Mpgn11ZUIQ==
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache / PHP/7.4.11
Resource Hash: efa9fa35d165f6b4bba253e1ab7b01adf1c25b2b460b2f809fede56b97f5bc0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:11 GMT
Last-Modified: Wed, 08 Nov 2023 23:12:45 GMT
Server: Apache
X-Page-Optimize: cached
X-Powered-By: PHP/7.4.11
ETag: "4b290c91cd311339830725cbea8e10d8"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H/1.1 404
Not Found plugin.js
drd.com.br/wp-content/themes/jnews-child/jnews-modules/weather/assets/js/ 0
0 1562ms
1561ms Script
text/html 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/themes/jnews-child/jnews-modules/weather/assets/js/plugin.js?ver=1
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache / PHP/7.4.11
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:11 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/7.4.11
Vary: Accept-Encoding,Cookie
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://drd.com.br/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK / Show response
drd.com.br/_jb_static/ 225 KB
226 KB 912ms
912ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/_jb_static/??-eJydkN0KwjAMhd/GK9c4cIgXw2fp2mx2659N69jb2w1ERJHiZZLvnJwEZl8JZyPaCF6nQVkC1Ghy7ULlgwNOhJFAqw7I8BDzKBGMt4RhYa8OM8qykfZQajgSzNh5Lqa1y0KyURkssvm0+Ffehw2SlXEyaXy7Qlmhk8SNk4oi3DOY1XnknV56pXVmMMQSUcABM8vXJ3zJWrDrJ351bnqGv5i2Ph2O5/rQ1M1OdG39AKMutmI=
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache / PHP/7.4.11
Resource Hash: c616bad8e4a425c2be2a59c297a4b7630982535042dfe418cb4fc9dfcb1b8536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:11 GMT
Last-Modified: Wed, 10 Jan 2024 18:15:15 GMT
Server: Apache
X-Page-Optimize: cached
X-Powered-By: PHP/7.4.11
ETag: "59b547af5773a806ecfc23d6d98b4847"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK i18n.min.js Show response
drd.com.br/wp-includes/js/dist/ 9 KB
10 KB 205ms
205ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:11 GMT
Last-Modified: Wed, 09 Aug 2023 23:23:50 GMT
Server: Apache
ETag: "24e5-60285c5a74fef"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9445

GET
H/1.1 200
OK frontend.min.js Show response
drd.com.br/wp-content/plugins/elementor-pro/assets/js/ 25 KB
25 KB 214ms
213ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.18.2
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: ea545fbe45f0f4005e27955f6b63c236438679566c666842f98c24dac9d3e70e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:11 GMT
Last-Modified: Tue, 02 Jan 2024 22:26:35 GMT
Server: Apache
ETag: "6237-60dfdfdc23948"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 25143

GET
H/1.1 200
OK / Show response
drd.com.br/_jb_static/ 33 KB
33 KB 624ms
624ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/_jb_static/??/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js,/wp-includes/js/jquery/ui/core.min.js?m=1704910515&cb=1
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache / PHP/7.4.11
Resource Hash: 8ee4793fcd9fa41e3edd4013ff27f7986b296e019a2a2de4f629294d126cd77f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:11 GMT
Last-Modified: Wed, 10 Jan 2024 18:15:15 GMT
Server: Apache
X-Page-Optimize: cached
X-Powered-By: PHP/7.4.11
ETag: "bbe7b98be093036301eec1d7ad5b5770"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK frontend.min.js Show response
drd.com.br/wp-content/plugins/elementor/assets/js/ 39 KB
40 KB 214ms
214ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.19.0-dev2
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: 8cae2ca17fa417df329ce23a9053c4087bff82f9ed6f88793fb4c8222f3b820d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:11 GMT
Last-Modified: Wed, 10 Jan 2024 18:15:15 GMT
Server: Apache
ETag: "9d72-60e9b69a1319a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 40306

GET
H/1.1 200
OK elements-handlers.min.js Show response
drd.com.br/wp-content/plugins/elementor-pro/assets/js/ 37 KB
38 KB 213ms
212ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.18.2
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: 503f20b8f6709c55f119a78910163881b3b3ac32d9b6283a914be20107111f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:11 GMT
Last-Modified: Tue, 02 Jan 2024 22:26:35 GMT
Server: Apache
ETag: "94f4-60dfdfdc2b648"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 38132

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 54ms
16ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlice%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drd.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:46:50 GMT
x-content-type-options: nosniff
age: 396020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 01:46:50 GMT

GET
H2 200 player.php Show response
fb.radiosnaweb.com/hls/ Frame 0D13 769 B
520 B 790ms
235ms Document
text/html 170.81.43.202
Ferenz Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://fb.radiosnaweb.com/hls/player.php?dnipf=5a2b083e9f360.streamlock.net&canal=imparsomhd&canal2=imparsomhd&wowza=0&lar=320&alt=42&tipo=3&autostart=true&mute=50&nome=imparsomhd
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.81.43.202 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS: rw.servidoresbrasil.com
Software: nginx / PHP/7.3.33 PleskLin
Resource Hash: a4e6c297997f7a0d940c4cb30e37938934ea37799db090fafb2d282318ad3931

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=ISO-8859-1
date: Sun, 21 Jan 2024 15:47:11 GMT
server: nginx
x-cache-status: BYPASS
x-powered-by: PHP/7.3.33 PleskLin

GET
H2 200 player.php Show response
fb.radiosnaweb.com/hls/ Frame 635A 771 B
522 B 784ms
235ms Document
text/html 170.81.43.202
Ferenz Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://fb.radiosnaweb.com/hls/player.php?dnipf=5a2b083e9f360.streamlock.net&canal=ibiturunafm&canal2=ibiturunafm&wowza=0&lar=320&alt=42&tipo=3&autostart=true&mute=50&nome=ibiturunafm
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.81.43.202 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS: rw.servidoresbrasil.com
Software: nginx / PHP/7.3.33 PleskLin
Resource Hash: 90e6b772ad9489432d6ed49bc5a46e9f8050a4fd78310cb52483b9be968872e4

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=ISO-8859-1
date: Sun, 21 Jan 2024 15:47:11 GMT
server: nginx
x-cache-status: BYPASS
x-powered-by: PHP/7.3.33 PleskLin

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drd.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 169669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 16:39:21 GMT

GET
H3 200 Ingressos-para-a-estreia-do-Democrata-no-Mineiro-estarao-a-venda-a-partir-de-segunda-feira.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 72 KB
72 KB 23ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Ingressos-para-a-estreia-do-Democrata-no-Mineiro-estarao-a-venda-a-partir-de-segunda-feira.jpg?w=1000&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a1d16f157706b46739c782f88a93ccd2148d58974215c02d9adb88298ef19305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 73304
x-nc: HIT hhn 4
last-modified: Fri, 19 Jan 2024 22:23:52 GMT
server: nginx
etag: "029cb57db86e600e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Ingressos-para-a-estreia-do-Democrata-no-Mineiro-estarao-a-venda-a-partir-de-segunda-feira.jpg>; rel="canonical"
expires: Mon, 19 Jan 2026 10:23:52 GMT

GET
H3 200 ufjf-1.jpeg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 16 KB
17 KB 31ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ufjf-1.jpeg?w=640&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4265d3f5cd80199dad39e5e2fadef16e4da2d44616a6cb7aafa89ccd62ca4a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 16552
x-nc: HIT hhn 3
last-modified: Fri, 19 Jan 2024 19:27:00 GMT
server: nginx
etag: "da4df1bfc38c1fef"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/ufjf-1.jpeg>; rel="canonical"
expires: Mon, 19 Jan 2026 07:27:00 GMT

GET
H3 200 WhatsApp-Image-2024-01-19-at-15.46.24-1.jpeg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 75 KB
76 KB 32ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-19-at-15.46.24-1.jpeg?w=1032&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f23dc5f9dcf597316a38b53fcf69f40b50d5639b29177cd8b55d14f1c0c7bb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 76918
x-nc: HIT hhn 2
last-modified: Fri, 19 Jan 2024 22:23:56 GMT
server: nginx
etag: "2bf379b5b9087043"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-19-at-15.46.24-1.jpeg>; rel="canonical"
expires: Mon, 19 Jan 2026 10:23:56 GMT

GET
H3 200 Ja-estao-abertas-as-inscricoes-para-o-Enem-dos-concursos.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 69 KB
70 KB 37ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Ja-estao-abertas-as-inscricoes-para-o-Enem-dos-concursos.jpg?w=1000&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

67c9b6793bce65f57dd2df058a4e06f68d4cffee9970177cc2adbf83be98e109

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 70766
x-nc: HIT hhn 3
last-modified: Fri, 19 Jan 2024 19:27:00 GMT
server: nginx
etag: "23adcf0c59181d25"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Ja-estao-abertas-as-inscricoes-para-o-Enem-dos-concursos.jpg>; rel="canonical"
expires: Mon, 19 Jan 2026 07:27:00 GMT

GET
H3 200 Valadares-recebe-etapa-do-Mineiro-de-Parapente-em-fevereiro.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 67 KB
67 KB 39ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Valadares-recebe-etapa-do-Mineiro-de-Parapente-em-fevereiro.jpg?w=1000&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

8a32eeb2e141a6de6ae1b228c3c088bf05fa5ffcb88aecd94cdcbf3802b185dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 68566
x-nc: HIT hhn 4
last-modified: Fri, 19 Jan 2024 19:27:00 GMT
server: nginx
etag: "f958dc3e8320c2ed"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Valadares-recebe-etapa-do-Mineiro-de-Parapente-em-fevereiro.jpg>; rel="canonical"
expires: Mon, 19 Jan 2026 07:27:00 GMT

GET
H3 200 person-paying-with-its-smartphone-wallet-app.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 38 KB
39 KB 42ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/person-paying-with-its-smartphone-wallet-app.jpg?w=1000&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

edbf7e3c6a7909dbcb3dbfbf887c39613ad3ff354b10743bdce461684c213239

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 39226
x-nc: HIT hhn 3
last-modified: Sun, 21 Jan 2024 10:25:27 GMT
server: nginx
etag: "93abc6af4481c666"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/person-paying-with-its-smartphone-wallet-app.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:27 GMT

GET
H3 200 ANGELICA.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 22 KB
22 KB 49ms
34ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ANGELICA.jpg?w=650&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

fea6630edeb42171fed7030306489b90988aa11b20953c7056d43eb61e2247ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 22614
x-nc: HIT hhn 1
last-modified: Sat, 20 Jan 2024 23:14:58 GMT
server: nginx
etag: "f1ae356c2c30ec16"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/ANGELICA.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 11:14:58 GMT

GET
H3 200 WhatsApp-Image-2024-01-20-at-10.52.13.jpeg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 143 KB
144 KB 49ms
35ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-20-at-10.52.13.jpeg?w=1200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

cfef418ef02c4bc78cac47615c713c4cece812f26ef24457bd37c20a6286c391

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 146704
x-nc: HIT hhn 1
last-modified: Sat, 20 Jan 2024 19:04:32 GMT
server: nginx
etag: "e8ec16581d5310c3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-20-at-10.52.13.jpeg>; rel="canonical"
expires: Tue, 20 Jan 2026 07:04:32 GMT

GET
H3 200 WhatsApp-Image-2024-01-20-at-12.02.26-1.jpeg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 157 KB
158 KB 49ms
36ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-20-at-12.02.26-1.jpeg?w=899&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b8ba952cc43ebb948172545abeab28d53e1a79be90f1261a305226357048f6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 160990
x-nc: HIT hhn 1
last-modified: Sat, 20 Jan 2024 23:14:58 GMT
server: nginx
etag: "fff00b9f314eaa12"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-20-at-12.02.26-1.jpeg>; rel="canonical"
expires: Tue, 20 Jan 2026 11:14:58 GMT

GET
H3 200 PC-apreende-veiculo-clonado-avaliado-em-mais-de-meio-milhao-de-reais-em-Valadares.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 37 KB
37 KB 51ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/PC-apreende-veiculo-clonado-avaliado-em-mais-de-meio-milhao-de-reais-em-Valadares.jpg?w=1000&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d8848f82e8c8007a7361443f11c4ead6d524d315e78d089a93a0e146634a956b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 37530
x-nc: HIT hhn 3
last-modified: Sat, 20 Jan 2024 19:04:32 GMT
server: nginx
etag: "37412fa5d21e0332"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/PC-apreende-veiculo-clonado-avaliado-em-mais-de-meio-milhao-de-reais-em-Valadares.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 07:04:32 GMT

GET
H3 200 Mega-operacao-contra-faccao-criminosa-mobiliza-170-policiais-em-Minas-17-pessoas-foram-presas.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 107 KB
108 KB 52ms
39ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Mega-operacao-contra-faccao-criminosa-mobiliza-170-policiais-em-Minas-17-pessoas-foram-presas.jpg?w=1000&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

81ea53485f80aedba2a0578404835ba9a7d955cccfeb7e095654493d66c3e981

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 109704
x-nc: HIT hhn 4
last-modified: Fri, 19 Jan 2024 18:59:15 GMT
server: nginx
etag: "f1481555d08ade45"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Mega-operacao-contra-faccao-criminosa-mobiliza-170-policiais-em-Minas-17-pessoas-foram-presas.jpg>; rel="canonical"
expires: Mon, 19 Jan 2026 06:59:15 GMT

GET
H3 200 Univale-4.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/06/ 3 KB
3 KB 54ms
42ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/06/Univale-4.jpg?fit=275%2C60&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

46b6bc9e7a6f163d7f2089c50ef5a7f5d8d10237bb3746f8f2b26df5b2739697

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3042
x-nc: HIT hhn 3
last-modified: Wed, 10 Jan 2024 22:32:33 GMT
server: nginx
etag: "c8a11eadbd2547ff"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/06/Univale-4.jpg>; rel="canonical"
expires: Sat, 10 Jan 2026 10:32:33 GMT

GET
H3 200 igor01.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 36 KB
36 KB 53ms
43ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/igor01.jpg?w=1600&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

2dfdbfb1fa6600f2adf294665934ea65796e1a29a29d1f567b7a0b4ef30cc99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 36548
x-nc: MISS hhn 3
last-modified: Sun, 21 Jan 2024 15:47:11 GMT
server: nginx
etag: "66f6a7fb1b3f90b9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/igor01.jpg>; rel="canonical"
expires: Wed, 21 Jan 2026 03:47:11 GMT

GET
H/1.1 200
OK animations.min.css
drd.com.br/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
18 KB 207ms
207ms Stylesheet
text/css 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?m=1704910515
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:12 GMT
Last-Modified: Wed, 10 Jan 2024 18:15:15 GMT
Server: Apache
ETag: "4824-60e9b69a1be3a"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18468

GET
BLOB 200
OK b6792c11-2530-46a0-ae35-f48064cfe99c
https://drd.com.br/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://drd.com.br/b6792c11-2530-46a0-ae35-f48064cfe99c
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 233 KB
84 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9B9B8W

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3f1709af38abfbd404fa764c730190cf055b517d05a212f9b379e48e0b994ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85639
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Jan 2024 15:47:11 GMT

GET
H2 200 39934521.js Show response
js.hs-analytics.net/analytics/1705851900000/ 66 KB
21 KB 499ms
438ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1705851900000/39934521.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/39934521.js?integration=WordPress&ver=10.2.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e163822018c84b39a126870ff4ad791e558465481682d6c47321a4703c8c36b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: ZFHQ903C5A7ZK19R
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 08c30181-2d90-40cf-b841-575319b93fde
x-envoy-upstream-service-time: 43
x-amz-id-2: //D8kzad7+6+q9s9/T3P4/g1S3M1B7oH6JtIpeVHTTCE+SqkGYVSruZZ3vCsJtCf8iDqoaFQIaRvVOLg5J8qVQ==
x-evy-trace-listener: listener_https
x-request-id: 08c30181-2d90-40cf-b841-575319b93fde
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 17:27:49 GMT
server: cloudflare
etag: W/"0a9f9f7871ae97e9e14734fca3455989"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-dk98m
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8490b1bc594d5d66-FRA
expires: Sun, 21 Jan 2024 15:52:11 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/39934521/ 65 KB
21 KB 471ms
420ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/39934521/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/39934521.js?integration=WordPress&ver=10.2.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 128759092dde19c09b25293c1fe8d84fc9c4ea86b81c213d465b235521486402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-amz-version-id: XERkUWViS8wq5j7Le4Kw8sFSPdje0AtW
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: ZFHWTGHCWT914YCY
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 7e7f7166-cefa-4298-91eb-9142845d570a
x-envoy-upstream-service-time: 19
x-amz-id-2: H6+eSqiMh8qDw7bFesSjuQYUuIgMExBpZwL2C9EQCf12shJVVqmSXtUKGSc1veqIEvU6CslMa5k=
x-evy-trace-listener: listener_https
x-request-id: 7e7f7166-cefa-4298-91eb-9142845d570a
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 11 Jan 2024 23:39:54 GMT
server: cloudflare
etag: W/"dff1f9d273afd9a9bdc7a67ced0ebac1"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://drd.com.br
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-7zm4v
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8490b1bc5ea31c17-FRA
expires: Sun, 21 Jan 2024 15:52:11 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 167ms
124ms Script
application/javascript 2606:4700::6811:599a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/39934521.js?integration=WordPress&ver=10.2.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:599a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drd.com.br/
Origin: https://drd.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-amz-version-id: JAkD5shSwdxe4gNEROP8R.wQbdFvcCSE
via: 1.1 7c77abdf1c625c25627fe2a24e660a34.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: e857314f-72e0-4d5f-a6d9-d1ed8f3c059e
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.451/bundles/project.js&cfRay=8490b1bc7be59150-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e857314f-72e0-4d5f-a6d9-d1ed8f3c059e
last-modified: Wed, 03 Jan 2024 09:59:36 UTC
server: cloudflare
etag: W/"dc52d8d37d1323196ca91b50795df6c4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-h748p
cf-ray: 8490b1bc7be59150-FRA
x-amz-cf-id: -8ndOvadjveay_ughUo2B28s7ffum8SIUOqpwMpDyxgNHzqw1FaTlA==
x-hs-target-asset: collected-forms-embed-js/static-1.451/bundles/project.js

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 60ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWKQ2CRHK1&gtm=45Pe41h0v9101524707&_p=1705852031352&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1561389508.1705852031&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705852031&sct=1&seg=0&dl=https%3A%2F%2Fdrd.com.br%2F&dt=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4785
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-M6JHD6G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 76ms
20ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RWKQ2CRHK1&cid=1561389508.1705852031&gtm=45Pe41h0v9101524707&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-M6JHD6G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 120ms
40ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RWKQ2CRHK1&cid=1561389508.1705852031&gtm=45Pe41h0v9101524707&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=132382431

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Emigrante-3.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/11/ 11 KB
11 KB 8ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/11/Emigrante-3.jpg?fit=1000%2C80&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/_jb_static/??-eJyVUst2wiAQ/ZuuihiNVhcev4XAaGgnwGEG0/59SWJbe4xtsuJ1HzPDlW0Q2jsGxzJgOltHMgIF78he4OKtBsHwzoK9oACga2mdxmSApKY77CLfPcsRzdZHEzKYRPAhoYp5JSapiIAHqTaEOzrX0GSnVwctSeIPvHeYCRG6tmiksXS9f1gyYH517ONtkafYo4xAy7BorJtOR1tJam2AKC+7Xmw4jaqkgF6ZW5WO0M1MrPbL7W79v68I0c8rfdz0jL5SOKfCsliv9zNb2hXFw5ZYVQh9enpKlfofhJNKyH/n4dp+/9tf/Y+2PsbqvH6m+U2fkK4JSb3xMCq+Nd5Myu2wz+iE+aUFlTG/AjrMrJM6NofiZbnZrLbltnzS1aH4BOFCemA=

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

92a80608054c3f8fd26021753e2c005e96ffff298f238f9e7540072036fe996a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 11224
x-nc: HIT hhn 4
last-modified: Tue, 16 Jan 2024 04:36:43 GMT
server: nginx
etag: "80dfbe7f50f74699"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/11/Emigrante-3.jpg>; rel="canonical"
expires: Thu, 15 Jan 2026 16:36:43 GMT

GET
H3 200 OpNCnoEEmtHa6GcOrg4.woff2
fonts.gstatic.com/s/alice/v20/ 25 KB
25 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alice/v20/OpNCnoEEmtHa6GcOrg4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73f21482958d69c7fb4481ea9f7741fe64be178081ef506805bd7bbd67cbff70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drd.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:19:22 GMT
x-content-type-options: nosniff
age: 394069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25212
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 17:50:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:19:22 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drd.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 20:44:46 GMT
x-content-type-options: nosniff
age: 414145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 20:44:46 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drd.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:32:38 GMT
x-content-type-options: nosniff
age: 393273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:32:38 GMT

GET
H3 200 janeirobranco.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 30 KB
31 KB 33ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/janeirobranco.jpg?w=1200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e760704ef6545fcb3d58d99a719f5e8cc0eb669e2b713fc34c227c81e0b28213

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30964
x-nc: MISS hhn 1
last-modified: Sun, 21 Jan 2024 15:47:11 GMT
server: nginx
etag: "2f1cf5d7907876aa"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/janeirobranco.jpg>; rel="canonical"
expires: Wed, 21 Jan 2026 03:47:11 GMT

GET
H3 200 rincon.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 99 KB
99 KB 17ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/rincon.jpg?w=1080&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ad0511ff7ece05b25d40c90d00e5fb1cc692676cabcd8e02d43d52f2e728ed73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 100872
x-nc: HIT hhn 3
last-modified: Fri, 19 Jan 2024 18:34:03 GMT
server: nginx
etag: "e7f7bf1346177b99"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/rincon.jpg>; rel="canonical"
expires: Mon, 19 Jan 2026 06:34:03 GMT

GET
H3 200 tenista-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 21 KB
21 KB 14ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/tenista-1.jpg?w=369&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

55fc78862b569321b8708c43056f7ca920b796208ea120f40ff1bb4875294997

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 21322
x-nc: HIT hhn 3
last-modified: Thu, 18 Jan 2024 20:27:10 GMT
server: nginx
etag: "ebb68b724eb68fc3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/tenista-1.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 08:27:10 GMT

GET
H3 200 daniel-2.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 49 KB
50 KB 18ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/daniel-2.jpg?w=1000&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a086774cdbb0466139fc032561f0338bb9d678dac4304d9e81d7eb6cd147badd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 50418
x-nc: HIT hhn 4
last-modified: Fri, 19 Jan 2024 13:14:31 GMT
server: nginx
etag: "471b00ee3bf0f577"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/daniel-2.jpg>; rel="canonical"
expires: Mon, 19 Jan 2026 01:14:31 GMT

GET
H3 200 EDITAIS.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/11/ 14 KB
15 KB 20ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/11/EDITAIS.jpg?fit=800%2C94&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f30c3d110d1fb0e87a1212b10d8b24ae8be9206e2ee0e91c583ec95e010480c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 14820
x-nc: HIT hhn 2
last-modified: Thu, 11 Jan 2024 13:12:11 GMT
server: nginx
etag: "d01057e1fa03e2d2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/11/EDITAIS.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:11 GMT

GET
H3 200 TV-Leste.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/11/ 2 KB
2 KB 22ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/11/TV-Leste.jpg?fit=275%2C60&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f10edb33bef155eaa49a96ed794bdaab4ce8116e3085453c669699091f64d998

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1948
x-nc: HIT hhn 2
last-modified: Thu, 11 Jan 2024 13:12:16 GMT
server: nginx
etag: "29aebea22aeda65f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/11/TV-Leste.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:16 GMT

GET
H3 200 dengue-2.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 46 KB
46 KB 15ms
11ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/dengue-2.jpg?zoom=3&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ae35600988e41a9a61eb01be47f2f1929c69dfad4b519211feaea08a9a0f9d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 47116
x-nc: HIT hhn 4
last-modified: Fri, 19 Jan 2024 01:29:44 GMT
server: nginx
etag: "c3bfe03fa130465f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/dengue-2.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 13:29:44 GMT

GET
H3 200 janeiroroxo.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 19 KB
19 KB 20ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/janeiroroxo.jpg?zoom=2&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d2f090411faebdf8480023fa064f0d3ae391a5c101cb3395bfbd6d387e452e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19560
x-nc: HIT hhn 4
last-modified: Fri, 19 Jan 2024 13:14:31 GMT
server: nginx
etag: "8905fd69c7e9ce85"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/janeiroroxo.jpg>; rel="canonical"
expires: Mon, 19 Jan 2026 01:14:31 GMT

GET
H3 200 janeirobranco-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 11 KB
12 KB 22ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/janeirobranco-1.jpg?zoom=2&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d1d59d2e6c991e492153ca5f15d739f1fbee1dbe716aa75ab16c624dc8f774d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 11716
x-nc: HIT hhn 3
last-modified: Fri, 19 Jan 2024 13:14:31 GMT
server: nginx
etag: "4befcb366e7df6d3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/janeirobranco-1.jpg>; rel="canonical"
expires: Mon, 19 Jan 2026 01:14:31 GMT

GET
H3 200 acidente-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 72 KB
73 KB 23ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/acidente-1.jpg?zoom=3&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

03f014fecb14c0348ad274dc6100756d4eeae1cd4cc3d05a8c3d3406e69ee5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 74168
x-nc: HIT hhn 1
last-modified: Fri, 19 Jan 2024 13:14:31 GMT
server: nginx
etag: "b367dd0ed414056e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/acidente-1.jpg>; rel="canonical"
expires: Mon, 19 Jan 2026 01:14:31 GMT

GET
H3 200 dengue-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 12 KB
12 KB 21ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/dengue-1.jpg?zoom=2&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e95962f1cad9a680046260c7ecdbbe11592468485494d52d91d8f96c94b23c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 12116
x-nc: HIT hhn 4
last-modified: Thu, 18 Jan 2024 16:31:36 GMT
server: nginx
etag: "b49bc39cf6515866"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/dengue-1.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 04:31:36 GMT

GET
H3 200 Agenda.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/12/ 4 KB
4 KB 24ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/12/Agenda.jpg?fit=321%2C80&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9c4cd77916dbcef806e3e18bda2cd8ca168e2c04629e94ba96823d4fcaddbf96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4024
x-nc: HIT hhn 4
last-modified: Wed, 10 Jan 2024 22:33:05 GMT
server: nginx
etag: "90355af52d36d6b5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/12/Agenda.jpg>; rel="canonical"
expires: Sat, 10 Jan 2026 10:33:05 GMT

GET
H3 200 Samuel-Martins.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 42 KB
42 KB 24ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Samuel-Martins.jpg?zoom=2&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1a2e0d044c5b50f16f7599e52b5a93d85c557939e6fab62e0a253a378d06695f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 43100
x-nc: HIT hhn 4
last-modified: Mon, 15 Jan 2024 23:25:55 GMT
server: nginx
etag: "397abeea2dd4970c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Samuel-Martins.jpg>; rel="canonical"
expires: Thu, 15 Jan 2026 11:25:55 GMT

GET
H3 200 Viviane-Donde.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 17 KB
17 KB 25ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Viviane-Donde.jpg?zoom=2&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

3e0289d8845b02eab20372883d292c8d4131bb9375703119cb9106a7f4f12558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 17000
x-nc: HIT hhn 1
last-modified: Mon, 15 Jan 2024 23:25:53 GMT
server: nginx
etag: "0191eb816f0b671c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Viviane-Donde.jpg>; rel="canonical"
expires: Thu, 15 Jan 2026 11:25:53 GMT

GET
H3 200 SENADOR-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 15 KB
15 KB 25ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/SENADOR-1.jpg?zoom=2&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

fce94aac851d686b92257ba5992aa739f73fdc66c862e96b86834db5c0fde7be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 15382
x-nc: HIT hhn 1
last-modified: Thu, 11 Jan 2024 18:17:51 GMT
server: nginx
etag: "2514d4c11217d4ab"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/SENADOR-1.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 06:17:51 GMT

GET
H3 200 CINEMA3.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/04/ 33 KB
33 KB 26ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/04/CINEMA3.jpg?w=500&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

76a41c3aad9f0671bea786393c8925e79276361c222acd0a89ae82d56edad9ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 33600
x-nc: HIT hhn 4
last-modified: Thu, 11 Jan 2024 13:12:22 GMT
server: nginx
etag: "fd7166ab5c7cc2f1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/04/CINEMA3.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:22 GMT

GET
H3 200 madonna.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 18 KB
19 KB 27ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/madonna.jpg?zoom=2&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

947ef7ae722a99c0973ead4076d447c13b8a0d4b80e1b206cd3ef846429f1dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18808
x-nc: HIT hhn 1
last-modified: Sun, 21 Jan 2024 10:55:38 GMT
server: nginx
etag: "d9a1cd7d5b6a29fe"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/madonna.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:55:38 GMT

GET
H3 200 10-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 94 KB
94 KB 27ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/10-1.jpg?zoom=3&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

90b7489f8e4208906622929ac8af43e3a202e7e9cdd9cfcaea6d47bf497e0553

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 95778
x-nc: HIT hhn 3
last-modified: Mon, 15 Jan 2024 23:25:54 GMT
server: nginx
etag: "6451f36dccacaf81"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/10-1.jpg>; rel="canonical"
expires: Thu, 15 Jan 2026 11:25:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 93ms
22ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9B9B8W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 Jan 2024 14:17:48 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5363
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 21 Jan 2024 16:17:48 GMT

GET
H2 200 hotjar-1624119.js Show response
static.hotjar.com/c/ 9 KB
4 KB 96ms
58ms Script
application/javascript 52.222.139.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1624119.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9B9B8W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-110.ams50.r.cloudfront.net

Software

Resource Hash

fb4afdcf42b82f6208807e665617a1fd9cc77a340f5d235503d4f90db0fa1574

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/268855464348d4072013820521f761f8
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ZZGFN3qMX2t2ldRWR908i5Du4_JYfU61rKdOGq4nAjKg_piilzHHJA==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/585138387/ 3 KB
2 KB 97ms
54ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/585138387/?random=1705852031701&cv=11&fst=1705852031701&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830314507&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdrd.com.br%2F&label=5YDxCI6xpN8BENOBgpcC&hn=www.googleadservices.com&frm=0&tiba=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&value=0&bttype=purchase&auid=1278253825.1705852032&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9B9B8W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

aea57c116a67a7005d3cc45037fafa78981bde9fc0939488c4d14381f3dcb04c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1643
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 74ms
14ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 21 Jan 2024 15:47:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57023
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: TNEr8Z2wpVjjwvrvxKiZHZkdjastYDMXs3tOsqA5TQj0xzdJn1EZ/cF3g0gAb1g8QPTXa6NObNL/Fc33YkFuOg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/@clappr/player@latest/dist/ Frame 635A 605 KB
161 KB 72ms
42ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js

Requested by

Host: fb.radiosnaweb.com
URL: https://fb.radiosnaweb.com/hls/player.php?dnipf=5a2b083e9f360.streamlock.net&canal=ibiturunafm&canal2=ibiturunafm&wowza=0&lar=320&alt=42&tipo=3&autostart=true&mute=50&nome=ibiturunafm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0445a4b98a570af2253cd291c241a2e716e4105ffeec79628e058a8fe77aaedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32704
x-jsd-version: 0.5.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230050-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"9749e-b9gRAIPgw4fY+0mk1qUmSyjHVfg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dik2jzIMxn3tanmMIqHD1M52kJP2gU26tGeajmlhjFdwmlXR30q3LgOnhxxX92G3MTzQ57I00YOFnX3TmuNxFwEqiSXdI0YlCfe2RpJGIGdnRxBmCP0g%2FcsVadrMuuOHGnIcVFewaZnSKOBNKts%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8490b1beab0b1e5a-FRA

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/@clappr/player@latest/dist/ Frame 0D13 605 KB
161 KB 56ms
29ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js

Requested by

Host: fb.radiosnaweb.com
URL: https://fb.radiosnaweb.com/hls/player.php?dnipf=5a2b083e9f360.streamlock.net&canal=imparsomhd&canal2=imparsomhd&wowza=0&lar=320&alt=42&tipo=3&autostart=true&mute=50&nome=imparsomhd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0445a4b98a570af2253cd291c241a2e716e4105ffeec79628e058a8fe77aaedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32704
x-jsd-version: 0.5.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230050-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"9749e-b9gRAIPgw4fY+0mk1qUmSyjHVfg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5riRSOHwtepSm%2ByR%2BI30IgS2Kdwty7EaE3VheNAjaTl3kdNj1W5bt9NXT3Um3TFfRaVw%2FO94CaDwDQefAM7ZyZHl7KyYp7pPvUC%2FAxHvho0jxWtUEprpRZAJwOOk%2B8rXjRHTWycntGf0QtKAXVA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8490b1beab0d1e5a-FRA

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
426 B 122ms
113ms XHR
application/json 2606:4700::6811:599a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=39934521&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:599a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db462b72eef6737a233fb0c331c28955f5a0bb6ce059b71d6dd93cf0df94d072

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://drd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e05c7eed-dfb3-4b08-aa9d-ef1a405671ca
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e05c7eed-dfb3-4b08-aa9d-ef1a405671ca
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://drd.com.br
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-29qhf
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8490b1bedeb19150-FRA

GET
H2 200 modules.2472296d2d26f0040059.js Show response
script.hotjar.com/ 219 KB
55 KB 96ms
40ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.2472296d2d26f0040059.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1624119.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

5bdaa2d2fac01a05dee8737ec7b70ad184651961d3a3998c1efa7cf147ae1ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 522665
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55620
last-modified: Mon, 15 Jan 2024 14:36:02 GMT
etag: "5f2cc7c8ec157af965fb3409029f8b70"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: CmocBU0O8iJfQ2AB7Szs8NCBqXJzMOrvvUi4dv8xLZFs1_JYM6gCdQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 26ms
20ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1801232330&t=pageview&_s=1&dl=https%3A%2F%2Fdrd.com.br%2F&ul=en-us&de=UTF-8&dt=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=442140238&gjid=1006305174&cid=1561389508.1705852031&tid=UA-138887033-1&_gid=1549473837.1705852032&_r=1&_slc=1&gtm=45He41h0n81W9B9B8Wv830314507&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=846059667

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/585138387/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/585138387/?random=898097351&cv=11&fst=1705852031701&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830314507&gcd=11l1l1l1l1&dma_cps=sypham&d...
https://www.google.com/pagead/1p-conversion/585138387/?random=898097351&cv=11&fst=1705852031701&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830314507&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
https://www.google.de/pagead/1p-conversion/585138387/?random=898097351&cv=11&fst=1705852031701&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830314507&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...

42 B
64 B

31ms
31ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/585138387/?random=898097351&cv=11&fst=1705852031701&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830314507&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdrd.com.br%2F&label=5YDxCI6xpN8BENOBgpcC&hn=www.googleadservices.com&frm=0&tiba=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&value=0&auid=1278253825.1705852032&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=Ek5DaEFJZ0o2enJRWVE3clhpbk9Ubnlad0NFaVlBM2Q0SFpBOC1tNk94UkdzTHZqSGFjV1VCYjl5Y2xRSEp6SDRZYmIwRm9hV3U2WlJiSlEaWkNoRUlnSjZ6clFZUW5jZVJ0Y25ZbnBmQ0FSSXVBQWhMRU5zTE5DLXpzLXdWQjlQRHYyd1otT2NVMHQtTTQ2VU1XREhfRUtiUFJkYktQWHNLSVQ4d0ppM1JQZyITCNndkoPq7oMDFYlKkQUd9kQLUA&is_vtc=1&ocp_id=fzytZZmiL4mVxdwP9omtgAU&cid=CAQSGwAvHhf_GqzPTMwL95jDfwTgDxhIQpium7sWsA&eitems=ChAIgJ6zrQYQzvjBi52U5d9VEh0AcZnPSSwBynXbKXy7O56DjL2soIpilHaMhBF8Vw&random=2483595016&ipr=y

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/585138387/?random=898097351&cv=11&fst=1705852031701&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830314507&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdrd.com.br%2F&label=5YDxCI6xpN8BENOBgpcC&hn=www.googleadservices.com&frm=0&tiba=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&value=0&auid=1278253825.1705852032&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=Ek5DaEFJZ0o2enJRWVE3clhpbk9Ubnlad0NFaVlBM2Q0SFpBOC1tNk94UkdzTHZqSGFjV1VCYjl5Y2xRSEp6SDRZYmIwRm9hV3U2WlJiSlEaWkNoRUlnSjZ6clFZUW5jZVJ0Y25ZbnBmQ0FSSXVBQWhMRU5zTE5DLXpzLXdWQjlQRHYyd1otT2NVMHQtTTQ2VU1XREhfRUtiUFJkYktQWHNLSVQ4d0ppM1JQZyITCNndkoPq7oMDFYlKkQUd9kQLUA&is_vtc=1&ocp_id=fzytZZmiL4mVxdwP9omtgAU&cid=CAQSGwAvHhf_GqzPTMwL95jDfwTgDxhIQpium7sWsA&eitems=ChAIgJ6zrQYQzvjBi52U5d9VEh0AcZnPSSwBynXbKXy7O56DjL2soIpilHaMhBF8Vw&random=2483595016&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 26ms
20ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-138887033-1&cid=1561389508.1705852031&jid=442140238&gjid=1006305174&_gid=1549473837.1705852032&_u=YADAAEAAAAAAACAAI~&z=2009318060

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 21 Jan 2024 15:47:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1016 B 162ms
133ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 18527f0c-c769-40e1-9e08-95e8c4e74ccb
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 18527f0c-c769-40e1-9e08-95e8c4e74ccb
Server: cloudflare
X-Trace: 2BC5BFE98F53E533697DBA8CE96BE5FD13B3D2A3B0000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-547b899f8d-qz6tr
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 8490b1c05da6bbbb-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 80ms
41ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-138887033-1&cid=1561389508.1705852031&jid=442140238&_u=YADAAEAAAAAAACAAI~&z=1817409600

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 40ms
39ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-138887033-1&cid=1561389508.1705852031&jid=442140238&_u=YADAAEAAAAAAACAAI~&z=1817409600

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 play.png
fb.radiosnaweb.com/clapp/ Frame 0D13 1 KB
1 KB 234ms
234ms Image
image/png 170.81.43.202
Ferenz Networks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fb.radiosnaweb.com/clapp/play.png
Requested by: Host: fb.radiosnaweb.com
URL: https://fb.radiosnaweb.com/hls/player.php?dnipf=5a2b083e9f360.streamlock.net&canal=imparsomhd&canal2=imparsomhd&wowza=0&lar=320&alt=42&tipo=3&autostart=true&mute=50&nome=imparsomhd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.81.43.202 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS: rw.servidoresbrasil.com
Software: nginx / PleskLin
Resource Hash: 99a653bbfe7705e3d28ff644cc45899479833653a865191ce288e39cc7146196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/hls/player.php?dnipf=5a2b083e9f360.streamlock.net&canal=imparsomhd&canal2=imparsomhd&wowza=0&lar=320&alt=42&tipo=3&autostart=true&mute=50&nome=imparsomhd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:12 GMT
last-modified: Thu, 08 Jul 2021 01:00:41 GMT
server: nginx
etag: "60e64e39-515"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1301

GET
H2 200 play.png
fb.radiosnaweb.com/clapp/ Frame 635A 1 KB
1 KB 234ms
234ms Image
image/png 170.81.43.202
Ferenz Networks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fb.radiosnaweb.com/clapp/play.png
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.81.43.202 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS: rw.servidoresbrasil.com
Software: nginx / PleskLin
Resource Hash: 99a653bbfe7705e3d28ff644cc45899479833653a865191ce288e39cc7146196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/hls/player.php?dnipf=5a2b083e9f360.streamlock.net&canal=ibiturunafm&canal2=ibiturunafm&wowza=0&lar=320&alt=42&tipo=3&autostart=true&mute=50&nome=ibiturunafm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:12 GMT
last-modified: Thu, 08 Jul 2021 01:00:41 GMT
server: nginx
etag: "60e64e39-515"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1301

GET
H2 200 1602266760082890 Show response
connect.facebook.net/signals/config/ 142 KB
37 KB 202ms
201ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1602266760082890?v=2.9.141&r=stable&domain=drd.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

440cda1cb3357859ca4c70dc18b249747514be2f5e0852bc0de4b209315e6032

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 21 Jan 2024 15:47:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: pD8cJxye2j+aNreWq30W444INLQIYz5o4ws3bdP1jkyrtGWO/8OZBE7vwhIVQFwRGHRLBVTqH1vtCOImOwjauA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK playlist.m3u8 Show response
5a2b083e9f360.streamlock.net/imparsomhd/imparsomhd.stream/ Frame 0D13 86 B
672 B 551ms
233ms XHR
application/vnd.apple.mpegurl 135.148.100.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://5a2b083e9f360.streamlock.net/imparsomhd/imparsomhd.stream/playlist.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.148.100.137 , United States, ASN16276 (OVH, FR),
Reverse DNS: wz3.dnip.com.br
Software: /
Resource Hash: b8cc0ee8d4d768fc7bd68a0d95e5cba1663934cf3918447a10aca06d2dc20e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:12 GMT
Content-Encoding: gzip
ETag: "uMwO6NTXaPx71ooNleXLoWY5NM85GER6EKygbS3CDms"
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length, ETag
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 97

GET
H/1.1 200
OK playlist.m3u8 Show response
5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/ Frame 635A 105 B
693 B 537ms
228ms XHR
application/vnd.apple.mpegurl 135.148.100.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/playlist.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.148.100.137 , United States, ASN16276 (OVH, FR),
Reverse DNS: wz3.dnip.com.br
Software: /
Resource Hash: 0b9fbbeae7506b37c6abb44c909a18d4c444ce9ea7ad6967a1da8133cda6857b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:12 GMT
Content-Encoding: gzip
ETag: "C5+76udQazfGq7RMkJoY1MREzp6nrWlnodqBM82mhXs"
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length, ETag
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 117

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 49ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602266760082890&ev=PageView&dl=https%3A%2F%2Fdrd.com.br%2F&rl=&if=false&ts=1705852032610&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.2.1705852032412.1700649980&cs_est=true&ler=empty&it=1705852032182&coo=false&cdl=&rqm=GET

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 21 Jan 2024 15:47:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK chunklist_w1969103430.m3u8 Show response
5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/ Frame 635A 197 B
721 B 97ms
97ms XHR
application/vnd.apple.mpegurl 135.148.100.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/chunklist_w1969103430.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.148.100.137 , United States, ASN16276 (OVH, FR),
Reverse DNS: wz3.dnip.com.br
Software: /
Resource Hash: 9e3e46e6b9bbc7db57a93d2f8973582a55edd18a2a00bd995502532863e6fd28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:13 GMT
Content-Encoding: gzip
ETag: "nj5G5rm7x9tXqT0viXNYKlXt0YoqAL2ZVQJTKGPm/Sg"
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length, ETag
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 145

GET
H/1.1 404
Not Found chunklist_w962735063.m3u8 Show response
5a2b083e9f360.streamlock.net/imparsomhd/imparsomhd.stream/ Frame 0D13 0
397 B 8300ms
8300ms XHR
text/plain 135.148.100.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://5a2b083e9f360.streamlock.net/imparsomhd/imparsomhd.stream/chunklist_w962735063.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.148.100.137 , United States, ASN16276 (OVH, FR),
Reverse DNS: wz3.dnip.com.br
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length, ETag
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 0

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
drd.com.br/wp-includes/js/ 18 KB
19 KB 198ms
198ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:12 GMT
Last-Modified: Mon, 12 Jun 2023 03:49:38 GMT
Server: Apache
ETag: "4904-5fde69b9ad637"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 18692

POST
H/1.1 200
OK widget Show response
drd.com.br/wp-json/wordpress-popular-posts/v2/ 1001 B
1 KB 989ms
988ms XHR
application/json 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://drd.com.br/wp-json/wordpress-popular-posts/v2/widget?is_single=0

Requested by

Host: drd.com.br
URL: https://drd.com.br/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpshost7047.publiccloud.com.br

Software

Apache / PHP/7.4.11

Resource Hash

36c437a693ce78a0183d692d383e2d9947eed4d951d38e2e7b4e2a1a36136f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drd.com.br/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-WP-Nonce: a870624c8b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Date: Sun, 21 Jan 2024 15:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.4.11
Transfer-Encoding: chunked
Connection: Keep-Alive
Server: Apache
Vary: Accept-Encoding,Cookie,Origin
Allow: POST
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Origin: https://drd.com.br
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=UTF-8
X-Robots-Tag: noindex
X-WP-Nonce: a870624c8b
Keep-Alive: timeout=5, max=97
Link: <https://drd.com.br/wp-json/>; rel="https://api.w.org/"

POST
H/1.1 200
OK widget Show response
drd.com.br/wp-json/wordpress-popular-posts/v2/ 1001 B
1 KB 962ms
962ms XHR
application/json 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://drd.com.br/wp-json/wordpress-popular-posts/v2/widget?is_single=0

Requested by

Host: drd.com.br
URL: https://drd.com.br/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpshost7047.publiccloud.com.br

Software

Apache / PHP/7.4.11

Resource Hash

36c437a693ce78a0183d692d383e2d9947eed4d951d38e2e7b4e2a1a36136f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drd.com.br/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-WP-Nonce: a870624c8b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Date: Sun, 21 Jan 2024 15:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.4.11
Transfer-Encoding: chunked
Connection: Keep-Alive
Server: Apache
Vary: Accept-Encoding,Cookie,Origin
Allow: POST
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Origin: https://drd.com.br
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=UTF-8
X-Robots-Tag: noindex
X-WP-Nonce: a870624c8b
Keep-Alive: timeout=5, max=97
Link: <https://drd.com.br/wp-json/>; rel="https://api.w.org/"

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 152ms
85ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/drd.js?v=1705851293&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11f4b1f8b5d55dedafdc32acc6a4c56f7c5b3c631654d5d028578c3db77eb009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29411
x-xss-protection: 0
server: cafe
etag: 39 / 19743 / m202401160101 / config-hash: 15866861927224639442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:47:12 GMT

GET
H/1.1 200
OK nav-menu.d43af66e5000fd109c04.bundle.min.js Show response
drd.com.br/wp-content/plugins/elementor-pro/assets/js/ 5 KB
5 KB 206ms
206ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor-pro/assets/js/nav-menu.d43af66e5000fd109c04.bundle.min.js
Requested by: Host: drd.com.br
URL: https://drd.com.br/_jb_static/??-eJydkN0KwjAMhd/GK9c4cIgXw2fp2mx2659N69jb2w1ERJHiZZLvnJwEZl8JZyPaCF6nQVkC1Ghy7ULlgwNOhJFAqw7I8BDzKBGMt4RhYa8OM8qykfZQajgSzNh5Lqa1y0KyURkssvm0+Ffehw2SlXEyaXy7Qlmhk8SNk4oi3DOY1XnknV56pXVmMMQSUcABM8vXJ3zJWrDrJ351bnqGv5i2Ph2O5/rQ1M1OdG39AKMutmI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: 23575acd7d1fc434f43c4a26cd5c2bf21e8178357b1e6ba52a785ef8df2676b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:13 GMT
Last-Modified: Tue, 02 Jan 2024 22:26:35 GMT
Server: Apache
ETag: "1227-60dfdfdc26828"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4647

GET
H/1.1 200
OK search-form.a25a87283d08dad12f18.bundle.min.js Show response
drd.com.br/wp-content/plugins/elementor-pro/assets/js/ 2 KB
2 KB 316ms
205ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor-pro/assets/js/search-form.a25a87283d08dad12f18.bundle.min.js
Requested by: Host: drd.com.br
URL: https://drd.com.br/_jb_static/??-eJydkN0KwjAMhd/GK9c4cIgXw2fp2mx2659N69jb2w1ERJHiZZLvnJwEZl8JZyPaCF6nQVkC1Ghy7ULlgwNOhJFAqw7I8BDzKBGMt4RhYa8OM8qykfZQajgSzNh5Lqa1y0KyURkssvm0+Ffehw2SlXEyaXy7Qlmhk8SNk4oi3DOY1XnknV56pXVmMMQSUcABM8vXJ3zJWrDrJ351bnqGv5i2Ph2O5/rQ1M1OdG39AKMutmI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: b2b94e355f3d14d9c617e5dd96f47aaa06a103286c5f0863d279f166b9601d20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:13 GMT
Last-Modified: Tue, 02 Jan 2024 22:26:35 GMT
Server: Apache
ETag: "84c-60dfdfdc26828"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2124

GET
H/1.1 200
OK load-more.064e7e640e7ef9c3fc30.bundle.min.js Show response
drd.com.br/wp-content/plugins/elementor-pro/assets/js/ 5 KB
6 KB 403ms
206ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor-pro/assets/js/load-more.064e7e640e7ef9c3fc30.bundle.min.js
Requested by: Host: drd.com.br
URL: https://drd.com.br/_jb_static/??-eJydkN0KwjAMhd/GK9c4cIgXw2fp2mx2659N69jb2w1ERJHiZZLvnJwEZl8JZyPaCF6nQVkC1Ghy7ULlgwNOhJFAqw7I8BDzKBGMt4RhYa8OM8qykfZQajgSzNh5Lqa1y0KyURkssvm0+Ffehw2SlXEyaXy7Qlmhk8SNk4oi3DOY1XnknV56pXVmMMQSUcABM8vXJ3zJWrDrJ351bnqGv5i2Ph2O5/rQ1M1OdG39AKMutmI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: 8410e522fabec7c478a8e174e93aa8229802bb16790741266e2ddba771cc8643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:13 GMT
Last-Modified: Tue, 02 Jan 2024 22:26:35 GMT
Server: Apache
ETag: "151a-60dfdfdc26828"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 5402

GET
H/1.1 200
OK posts.caaf3e27e57db8207afc.bundle.min.js Show response
drd.com.br/wp-content/plugins/elementor-pro/assets/js/ 3 KB
4 KB 411ms
198ms Script
application/javascript 177.153.49.228
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://drd.com.br/wp-content/plugins/elementor-pro/assets/js/posts.caaf3e27e57db8207afc.bundle.min.js
Requested by: Host: drd.com.br
URL: https://drd.com.br/_jb_static/??-eJydkN0KwjAMhd/GK9c4cIgXw2fp2mx2659N69jb2w1ERJHiZZLvnJwEZl8JZyPaCF6nQVkC1Ghy7ULlgwNOhJFAqw7I8BDzKBGMt4RhYa8OM8qykfZQajgSzNh5Lqa1y0KyURkssvm0+Ffehw2SlXEyaXy7Qlmhk8SNk4oi3DOY1XnknV56pXVmMMQSUcABM8vXJ3zJWrDrJ351bnqGv5i2Ph2O5/rQ1M1OdG39AKMutmI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.153.49.228 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: vpshost7047.publiccloud.com.br
Software: Apache /
Resource Hash: af57756214ff8464e4689626e7772e144f0b68284ee17d71a9dc1ea70f392120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:13 GMT
Last-Modified: Tue, 02 Jan 2024 22:26:35 GMT
Server: Apache
ETag: "cf5-60dfdfdc277c8"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3317

GET
H/1.1 200
OK media_w1969103430_17173.aac Show response
5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/ Frame 635A 119 KB
120 KB 98ms
97ms XHR
audio/x-aac 135.148.100.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/media_w1969103430_17173.aac
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.148.100.137 , United States, ASN16276 (OVH, FR),
Reverse DNS: wz3.dnip.com.br
Software: /
Resource Hash: 431745ec2ed2a48951fea7b82eb55b503627f3bfe461599baeadc97582f5af9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:13 GMT
ETag: "SB8Tet8wC/AKYJAqENK0SmrMvZGWcFe/FG2TMWmDqZc"
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: audio/x-aac
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length, ETag
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 122116

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 430 KB
135 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:38:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18502
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138162
x-xss-protection: 0
server: cafe
etag: 1666572220375911148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 20 Jan 2025 10:38:51 GMT

GET
H2 200 pub-5822243610880583 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 139ms
49ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-5822243610880583?ers=1

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/drd.js?v=1705851293&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df2862980156926e5baa2e9d513a18d972207cab1aef880a0967ddb5756d3434

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-byeWm9QN5AZjhGircH5d6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-byeWm9QN5AZjhGircH5d6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175164381-18

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/drd.js?v=1705851293&ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8507b350d2d43e812321b6d9e8eda7ca7208ff0a1cf8d7c4212ead0a85514da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69232
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Jan 2024 15:47:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175164381-18&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-M6JHD6G

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d4795746480f55e7c38653ed6f7b7a859886253508473608d4a7fda54196e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69258
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Jan 2024 15:47:13 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 377 KB
130 KB 117ms
30ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/drd.js?v=1705851293&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38105aac42d1610743fba1feb58227a93739e52333b57597bd988ae71dad6353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132425
x-xss-protection: 0
expires: Sun, 21 Jan 2024 15:47:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0L1TDGNZ5X

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/drd.js?v=1705851293&ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

181a3764950b2ebdbfd908b695b77eb5f82b4737f072e90700cebaecf1f7ddc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jan 2024 15:47:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0L1TDGNZ5X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-M6JHD6G

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42edd24b19f0d9cccb55e0fedf06df3e6d63bc3c748db99ae20bc109b74d0cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93265
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jan 2024 15:47:13 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 15 KB
7 KB 108ms
22ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-11382-4/CT-1249
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:30:55 GMT
content-encoding: gzip
via: 1.1 google
age: 978
x-guploader-uploadid: ABPtcPrgW-f9XKp_SOT-hEGIbCZs6BpLrInYbaB4SU1KClIhZQG0C9OwC1Ez4XvtiXP_u71hVRjkV0WJHA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6184
last-modified: Thu, 19 Dec 2019 17:12:55 GMT
server: nginx/1.8.1
etag: "0aa924c986b60c68345be2b644a237df"
vary: Accept-Encoding
x-goog-generation: 1576775575233105
x-goog-hash: md5=CqkkyYa2DGg0W+K2RKI33w==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 6184
accept-ranges: bytes
expires: Sun, 21 Jan 2024 17:30:55 GMT

GET
H2 200 prebid.js Show response
tags.denakop.com/ 323 KB
101 KB 70ms
37ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/prebid.js
Requested by: Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/drd.js?v=1705851293&ver=6.4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 03 Oct 2023 13:24:20 GMT
server: cloudflare
age: 197
cf-polished: origSize=330936
etag: W/"651c1604-50cb8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 8490b1c6dd004d76-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1XMM1N28QX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175164381-18&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21a84ffcbfae9b003ec89c79331ddfcd8f3572435d7be4cf445fc09e28b9759f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jan 2024 15:47:13 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 37ms
37ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1801232330&t=pageview&_s=1&dl=https%3A%2F%2Fdrd.com.br%2F&ul=en-us&de=UTF-8&dt=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACUABBAAAACAAI~&jid=1113158762&gjid=1179464840&cid=1561389508.1705852031&tid=UA-175164381-18&_gid=1549473837.1705852032&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1017380175

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 23ms
22ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175164381-18&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 Jan 2024 14:50:28 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3405
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 21 Jan 2024 16:50:28 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0L1TDGNZ5X&gtm=45je41h0v9122028349&_p=1705852031352&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1561389508.1705852031&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705852033&sct=1&seg=0&dl=https%3A%2F%2Fdrd.com.br%2F&dt=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6648
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0L1TDGNZ5X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWCJh5U7nIi-1QJmjN5t8FlG8hqm4f3j4o5jEvE_ByRshPcVGdfIstlSB_oTyLcK380LMnAleOulsHsoabU2sAtRzPUU34o4ORCN2NVBP7Bgca0xEnFdh8ikA0ZleTATIvNyivf2g== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWCJh5U7nIi-1QJmjN5t8FlG8hqm4f3j4o5jEvE_ByRshPcVGdfIstlSB_oTyLcK380LMnAleOulsHsoabU2sAtRzPUU34o4ORCN2NVBP7Bgca0xEnFdh8ikA0ZleTATIvNyivf2g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1ODUyMDMzLDM3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kcmQuY29tLmJyLyIsbnVsbCxbWzgsImtoSnZEZUZzbWJRIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMwJ9BA3wRA87nRKq-wcXLDPRM5jiw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80caf902cadae7f866cf371353de606a62513b1e0f0884aacd41dbd3398144c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g8lOUJzKVtu68a3jCT7jnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-g8lOUJzKVtu68a3jCT7jnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 1384ms
1383ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=809282911772198&correlator=3395913934477769&eid=31080494%2C31080526%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=21622511100%3A22339781885%2Cdrd_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&didk=1595388400&sfv=1-0-40&fsfs=1&sc=1&cookie_enabled=1&abxe=1&dt=1705852033399&lmt=1705852033&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdrd.com.br%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1561389508.1705852031&ga_sid=1705852033&ga_hid=1801232330&ga_fc=true&dlt=1705852029668&idt=3444&prev_scp=site%3Ddrd%26place%3Dd-stickyHome%26sm%3Ds&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=271554863&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

932e7a757b52f63e3a789f3f2a3b63e3cbe1ceb32961181602d8464b11c0d8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11932
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 113 KB
46 KB 1884ms
1883ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=809282911772198&correlator=3395913934477769&eid=31080494%2C31080526%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=21622511100%3A22339781885%2Cdrd_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1280x180%7C728x90&ifi=2&didk=837275106&sfv=1-0-40&fsfs=1&sc=1&cookie_enabled=1&abxe=1&dt=1705852033409&lmt=1705852033&adxs=160&adys=16&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdrd.com.br%2F&vis=1&psz=1600x1200&msz=1600x0&fws=4&ohw=1600&ga_vid=1561389508.1705852031&ga_sid=1705852033&ga_hid=1801232330&ga_fc=true&dlt=1705852029668&idt=3444&prev_scp=site%3Ddrd%26place%3Ddm-h-topo%26sm%3Dhvd&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=2512169060&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0b7b8273e8f2692befb0f36215fd3b76fc3d50e3be0b9dfe0c7642eed3ad88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47230
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
15 KB 331ms
330ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=809282911772198&correlator=3395913934477769&eid=31080494%2C31080526%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=21622511100%3A22339781885%2Cdrd_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&didk=2163510019&sfv=1-0-40&fsfs=1&sc=1&cookie_enabled=1&abxe=1&dt=1705852033413&lmt=1705852033&adxs=436&adys=6762&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdrd.com.br%2F&vis=1&psz=1600x9616&msz=1600x0&fws=0&ohw=0&ga_vid=1561389508.1705852031&ga_sid=1705852033&ga_hid=1801232330&ga_fc=true&dlt=1705852029668&idt=3444&prev_scp=site%3Ddrd%26place%3Ddmh-h-destaque2&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=3036425255&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e471e2ad97424600abc20ab828239f3a3dc62e1ef49a121d871995ad965307f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15655
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drd.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 1065ms
1064ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=809282911772198&correlator=3395913934477769&eid=31080494%2C31080526%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=21622511100%3A22339781885%2Cdrd_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&didk=2163510016&sfv=1-0-40&fsfs=1&sc=1&cookie_enabled=1&abxe=1&dt=1705852033415&lmt=1705852033&adxs=436&adys=8296&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdrd.com.br%2F&vis=1&psz=1600x9616&msz=1600x0&fws=0&ohw=0&ga_vid=1561389508.1705852031&ga_sid=1705852033&ga_hid=1801232330&ga_fc=true&dlt=1705852029668&idt=3444&prev_scp=site%3Ddrd%26place%3Ddmh-h-destaque5&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=3036425250&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e570353ec6fe853c5c07d703916b489554f9548d27b77c24a2075ca5e6d7ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12877
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 216 KB
58 KB 794ms
792ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=809282911772198&correlator=3395913934477769&eid=31080494%2C31080526%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=21622511100%3A22339781885%2Cdrd_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&didk=2916102310&sfv=1-0-40&fsfs=1&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1705852033418&lmt=1705852033&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdrd.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1561389508.1705852031&ga_sid=1705852033&ga_hid=1801232330&ga_fc=true&dlt=1705852029668&idt=3444&prev_scp=site%3Ddrd%26place%3Dinterstitial&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=4156458825&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

527814145b197b95138659954e68096559b3f0a403531cda679231adbd651c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59860
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E0D4 6 KB
3 KB 107ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:13 GMT
expires: Mon, 20 Jan 2025 15:47:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 40 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eb063dd5efc39b1b3492ea35f77a7fa157fbdbd8ef1dcbeb885d9349066f3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 16:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83444
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13863
x-xss-protection: 0
server: cafe
etag: 12572411096080002997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 19 Jan 2025 16:36:29 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1XMM1N28QX&gtm=45je41h0v9123986993&_p=1705852031352&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1561389508.1705852031&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705852033&sct=1&seg=0&dl=https%3A%2F%2Fdrd.com.br%2F&dt=DRD%20-%20Di%C3%A1rio%20do%20Rio%20Doce&en=page_view&_fv=1&_ss=1&tfd=6794
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1XMM1N28QX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK b49f3d5d-de15-429e-95d2-428fae12b2ef
https://fb.radiosnaweb.com/ Frame 635A 90 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fb.radiosnaweb.com/b49f3d5d-de15-429e-95d2-428fae12b2ef
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7856eff924fd772c659bde422dc801f76b030e0fef18601169a15cb61ac0c73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 92590
Content-Type: text/javascript

GET
H3 200 Logo-Imparsom-menor.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/11/ 3 KB
4 KB 9ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/11/Logo-Imparsom-menor.jpg?fit=166%2C166&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a37119e40021bb2f4bca35bfbc1c0c49468313ae60c22d963db823d6098e9b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3510
x-nc: HIT hhn 3
last-modified: Thu, 11 Jan 2024 13:12:16 GMT
server: nginx
etag: "9d2eee36b242ad4f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/11/Logo-Imparsom-menor.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:16 GMT

GET
H3 200 Logomarca-Radio-Ibituruna-FM-899-menor.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/11/ 3 KB
3 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/11/Logomarca-Radio-Ibituruna-FM-899-menor.jpg?fit=152%2C152&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

3f85c1f9b870d68e5a458f570ec2cec565b5b0383244633e207a4195db3ac136

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2862
x-nc: HIT hhn 1
last-modified: Thu, 11 Jan 2024 13:12:16 GMT
server: nginx
etag: "95102edfbf6bb4c2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/11/Logomarca-Radio-Ibituruna-FM-899-menor.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:16 GMT

GET
H3 200 Papo-de-Boleiro.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/04/ 4 KB
4 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/04/Papo-de-Boleiro.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

fd2117263b7bf39d5787073ac9a4bf5508365314b22f45f166e3a28267aaef9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4024
x-nc: HIT hhn 3
last-modified: Thu, 11 Jan 2024 13:12:15 GMT
server: nginx
etag: "8ac6f464d2751522"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/04/Papo-de-Boleiro.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:15 GMT

GET
H3 200 Coroa.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 7 KB
7 KB 9ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Coroa.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c5da4d86ddc25c7f02351d98321339664a6e9120bfb940c4edda52404e00a41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6700
x-nc: HIT hhn 4
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "611935c3ebfd0dca"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Coroa.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 Coluna-MG-5.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 18 KB
19 KB 10ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Coluna-MG-5.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

586d3f9bb43a51e438aef34b4bb61e7ce9d4bb0dd8b85c5f31e2e2fd069f0358

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18790
x-nc: HIT hhn 3
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "9eae6cf3cf9a28c4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Coluna-MG-5.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 El-conde.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 6 KB
7 KB 11ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/El-conde.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

eb5916ab78f83bd89c185163938f4477d8cb6b13939202cb89711efb139d67c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6516
x-nc: HIT hhn 4
last-modified: Thu, 18 Jan 2024 16:14:29 GMT
server: nginx
etag: "7d358e96feedd687"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/El-conde.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 04:14:29 GMT

GET
H3 200 Coluna-MG-4.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 14 KB
14 KB 11ms
11ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Coluna-MG-4.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

2f92716194f78bc2b3ac23ed75b3f93428e39dc8e5a957682da7e0b0477397db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 13998
x-nc: HIT hhn 3
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "2dcd4a26afc10a39"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Coluna-MG-4.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 Tempo.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 1 KB
1 KB 10ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Tempo.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

dc553a181f5ccb520b8b89628208051fd90129ea83a2949d3c78aa2154682563

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1114
x-nc: HIT hhn 1
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "221ea832bbabf5db"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Tempo.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 golpe02.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 3 KB
3 KB 12ms
11ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/golpe02.jpg?fit=300%2C179&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

349ce1d6298968da4005c2980db3a334c2449aa0fb82541f42ba3f256477f9a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3080
x-nc: HIT hhn 2
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "1ae1236b33b2f2ed"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/golpe02.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 gonet.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 3 KB
4 KB 12ms
11ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/gonet.jpg?fit=300%2C157&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e0e287052c2365df71594ff99ec0df6fa068e3e0ff436413a8fad11e9a25cc3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3246
x-nc: HIT hhn 4
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "4f43b8d3d827da8a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/gonet.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 haddad-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 10 KB
11 KB 12ms
11ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/haddad-1.jpg?fit=300%2C179&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

8db4ef9d018b386c500ab2f5686555ec7bebe09e10d82dd9bedd387790dc11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 10676
x-nc: HIT hhn 2
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "c2fee897230270c9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/haddad-1.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 bigtechs.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 12 KB
12 KB 13ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/bigtechs.jpg?fit=300%2C179&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

547de90e40a2bfef11e5fa9659b1d5e4f0db7d038f1d66ebb9365b6eb3debf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 12288
x-nc: HIT hhn 2
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "e14688af8ef1b017"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/bigtechs.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 tcu.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 8 KB
8 KB 13ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/tcu.jpg?fit=300%2C179&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4c7105c9b1fc02a2f6a3819b984764a514caaedc29d84a5f989c7a6ac840c82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8116
x-nc: HIT hhn 1
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "acd9e9ee72bb7db3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/tcu.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 receita.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 10 KB
11 KB 13ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/receita.jpg?fit=300%2C300&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6d17654eafb95536cef25a35518272e4257eaad6bdbc6166d3d939ff32c56773

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 10428
x-nc: HIT hhn 3
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "2539510b723fed96"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/receita.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 patricia.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 5 KB
5 KB 12ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/patricia.jpg?fit=300%2C179&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f040c7bc601f4b7019b262b33001ffe70965205f8e346cf16f6b38944eb5169f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5200
x-nc: HIT hhn 2
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "6ab086aca941c97d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/patricia.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 WhatsApp-Image-2023-12-07-at-16.04.33.jpeg
i0.wp.com/drd.com.br/wp-content/uploads/2023/12/ 9 KB
9 KB 12ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/12/WhatsApp-Image-2023-12-07-at-16.04.33.jpeg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c47c793cc273eb613b66cf9dcc1df1ed9920e17896e0918a582b593cb548043f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8760
x-nc: HIT hhn 2
last-modified: Thu, 11 Jan 2024 13:12:15 GMT
server: nginx
etag: "ff62a8b7d9be1133"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/12/WhatsApp-Image-2023-12-07-at-16.04.33.jpeg>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:15 GMT

GET
H3 200 thiago-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 9 KB
10 KB 13ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/thiago-1.jpg?resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

5ee18020b5dcd2478220a9a3ac2f21b95149cda25a35e37b39bd90a79b60b365

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 9658
x-nc: HIT hhn 4
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "6045bc151a659598"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/thiago-1.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 chuvas.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 12 KB
12 KB 11ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/chuvas.jpg?resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d42eb11a434bc905323158aa169d66003eb8836cc099bdc0ae8dc48779b5ad72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 12376
x-nc: HIT hhn 1
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "5cfde1fd16238a52"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/chuvas.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 pexels-jannis-knorr-2933243-scaled.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/12/ 16 KB
16 KB 11ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/12/pexels-jannis-knorr-2933243-scaled.jpg?resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e2564d17293884dfd3c0d72b984ed6c984d18dcf29c8e245d453b3b9934beb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 16272
x-nc: HIT hhn 4
last-modified: Thu, 11 Jan 2024 13:12:16 GMT
server: nginx
etag: "7863769234167f46"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/12/pexels-jannis-knorr-2933243-scaled.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 01:12:16 GMT

GET
H3 200 bc.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 5 KB
6 KB 11ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/bc.jpg?fit=300%2C179&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a6f6e47d1fde592f3bb81e7cb4f0782434d50371d9b9116773f7ddb7f56fdb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5362
x-nc: HIT hhn 1
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "895c3c7d3ca1f943"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/bc.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 sisu.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 8 KB
8 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/sisu.jpg?fit=300%2C179&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f567344f68b30f93c640c0721dd5521a53613fa8ed6787bb1f09a1317016f02d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8132
x-nc: HIT hhn 1
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "fe2ba8d020fc0fc3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/sisu.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 thiago-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 9 KB
9 KB 8ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/thiago-1.jpg?fit=300%2C300&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a0dd3e6170ead1903730e7fe649a6e9c6d3e322b1bade315806f530ded11ffc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8828
x-nc: HIT hhn 4
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "f23bf0453f086eb0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/thiago-1.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 briga.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 17 KB
18 KB 8ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/briga.jpg?fit=300%2C207&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

425cc740654fe88a06cd65756aa78d83315b79c6e28617e20474b8bf458ab80c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 17574
x-nc: HIT hhn 2
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "a4b2ecdb3bf9f75b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/briga.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 nisia.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 5 KB
5 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/nisia.jpg?fit=300%2C179&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4f2713a7b8cde9ab68c5068b013f146e6eac5ec75c6af6766aa3fcd135831c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4668
x-nc: HIT hhn 1
last-modified: Wed, 17 Jan 2024 21:25:20 GMT
server: nginx
etag: "0a84cc0b3dc138ba"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/nisia.jpg>; rel="canonical"
expires: Sat, 17 Jan 2026 09:25:20 GMT

GET
H3 200 Tres-pessoas-sao-presas-dura-operacao-policial-no-Leste-de-Minas.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 19 KB
20 KB 9ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Tres-pessoas-sao-presas-dura-operacao-policial-no-Leste-de-Minas.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

8014daa1862fbea1f376f7759cf1e05debe7b277a2f767f5cece54a106524c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19778
x-nc: HIT hhn 2
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "14a63f7823362ba0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Tres-pessoas-sao-presas-dura-operacao-policial-no-Leste-de-Minas.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 Bombeiros-resgatam-idoso-que-caiu-em-fosso-de-10-metros.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 13 KB
13 KB 9ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Bombeiros-resgatam-idoso-que-caiu-em-fosso-de-10-metros.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6a913b9a7eb52e7c126b52b973e073b34422b1180d55b3043bd2cccc128c7974

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 13096
x-nc: HIT hhn 4
last-modified: Fri, 19 Jan 2024 08:57:17 GMT
server: nginx
etag: "2ba0ef6069c14cb6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Bombeiros-resgatam-idoso-que-caiu-em-fosso-de-10-metros.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 20:57:17 GMT

GET
H3 200 Acidente-na-BR-458-deixa-duas-pessoas-feridas.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 10 KB
10 KB 9ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Acidente-na-BR-458-deixa-duas-pessoas-feridas.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b965d4255ad1afd629cc1ccfdfc67a33bcb956c5b5eec0a311c48b0a007eeac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 10206
x-nc: HIT hhn 1
last-modified: Fri, 19 Jan 2024 08:57:17 GMT
server: nginx
etag: "707cdde9728c5b51"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Acidente-na-BR-458-deixa-duas-pessoas-feridas.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 20:57:17 GMT

GET
H3 200 WhatsApp-Image-2024-01-17-at-19.31.09.jpeg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 5 KB
5 KB 9ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-17-at-19.31.09.jpeg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

43ce19144ccef54b64290e1f425ae045181d32455e99a45aec1e729466a6b606

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4634
x-nc: HIT hhn 3
last-modified: Thu, 18 Jan 2024 16:31:37 GMT
server: nginx
etag: "d42a7d4a7116f8eb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-17-at-19.31.09.jpeg>; rel="canonical"
expires: Sun, 18 Jan 2026 04:31:37 GMT

GET
H3 200 Motorista-desvia-de-cao-perde-o-controle-do-veiculo-e-cai-as-margens-de-rodovia.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 24 KB
24 KB 9ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Motorista-desvia-de-cao-perde-o-controle-do-veiculo-e-cai-as-margens-de-rodovia.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

50ee26ef6918a74e5070ed95196b33568b1beaff690411c84f2a3673e500a779

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 24316
x-nc: HIT hhn 4
last-modified: Sun, 21 Jan 2024 10:25:35 GMT
server: nginx
etag: "f59a3dff0e271517"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Motorista-desvia-de-cao-perde-o-controle-do-veiculo-e-cai-as-margens-de-rodovia.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:35 GMT

GET
H3 200 receita.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 4 KB
4 KB 10ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/receita.jpg?resize=150%2C150&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c2e2fa34ebb3b1fc1d96e5b0cbbeb847743b618e81b8b7159d677b99749d0cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4206
x-nc: HIT hhn 3
last-modified: Sat, 20 Jan 2024 22:08:22 GMT
server: nginx
etag: "9d653b82fb80381d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/receita.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 10:08:22 GMT

GET
H3 200 ibge.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 5 KB
5 KB 10ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ibge.jpg?resize=150%2C150&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d6c3fb3d9b8becb2f5544276298b812e8c52f77309534b8c6d5002e5b8100ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4726
x-nc: HIT hhn 4
last-modified: Sun, 21 Jan 2024 10:25:39 GMT
server: nginx
etag: "4fb496975daa2f88"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/ibge.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:39 GMT

GET
H3 200 receita.png
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 4 KB
5 KB 10ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/receita.png?resize=150%2C150&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

def7bd84f26bb5196d449e61db872c50f847db0fbe32c537561e9b98753dd91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4282
x-nc: HIT hhn 3
last-modified: Sun, 21 Jan 2024 10:25:39 GMT
server: nginx
etag: "726b76bc53ebf02b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/receita.png>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:39 GMT

GET
H3 200 inflacao.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 3 KB
3 KB 11ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/inflacao.jpg?resize=150%2C150&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b0aa1401fddc51091658c40c3f4f97f2fb3dc485e5f4d7d48dbffd62ea6cfa83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2786
x-nc: HIT hhn 4
last-modified: Sun, 21 Jan 2024 10:25:39 GMT
server: nginx
etag: "658ea0e31b72c142"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/inflacao.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:39 GMT

GET
H3 200 orquestra.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 8 KB
8 KB 10ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/orquestra.jpg?fit=300%2C142&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

fc2b1e97053e3c3bf8b4af4f448cb657f02ab479e098d8844cbc1ff79888072e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8296
x-nc: HIT hhn 3
last-modified: Sun, 21 Jan 2024 10:25:39 GMT
server: nginx
etag: "d499a56ed6b27b7c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/orquestra.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:39 GMT

GET
H3 200 racismo.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 5 KB
5 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/racismo.jpg?resize=150%2C150&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

76e3e93e2e121b0893c8cd1f83ac26c72771602810889b74a5b22d56605541bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4982
x-nc: HIT hhn 2
last-modified: Mon, 15 Jan 2024 22:36:53 GMT
server: nginx
etag: "ead9d59a30f7b080"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/racismo.jpg>; rel="canonical"
expires: Thu, 15 Jan 2026 10:36:53 GMT

GET
H3 200 e162c256-4da8-4eeb-bf01-1ba93233f2dd-scaled.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 4 KB
4 KB 10ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/e162c256-4da8-4eeb-bf01-1ba93233f2dd-scaled.jpg?resize=150%2C150&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f40444119f0e4a1655566672eef9cd69f446a43ca74cbb414ae34be420452877

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3784
x-nc: HIT hhn 4
last-modified: Thu, 18 Jan 2024 23:54:19 GMT
server: nginx
etag: "63d45c14311929b2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/e162c256-4da8-4eeb-bf01-1ba93233f2dd-scaled.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 11:54:19 GMT

GET
H3 200 chaves.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 5 KB
6 KB 11ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/chaves.jpg?resize=150%2C150&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6185ba49010eb97fc478fff12e1dc138c5328a56b7381dd8fa637c8f67154282

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5424
x-nc: HIT hhn 1
last-modified: Sat, 13 Jan 2024 06:23:42 GMT
server: nginx
etag: "9c2bdad39bb61a59"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/chaves.jpg>; rel="canonical"
expires: Mon, 12 Jan 2026 18:23:42 GMT

GET
H3 200 9099a9a7-britney-spears-silencio-tutela-960x640-1.jpeg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 3 KB
4 KB 11ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/9099a9a7-britney-spears-silencio-tutela-960x640-1.jpeg?resize=150%2C150&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ef9353f9584bbda269335176590186d17c9dc72636a5effbc987ef3dd5807e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3442
x-nc: HIT hhn 1
last-modified: Sun, 21 Jan 2024 10:25:39 GMT
server: nginx
etag: "efd7a6e74b28699f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/9099a9a7-britney-spears-silencio-tutela-960x640-1.jpeg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:39 GMT

GET
H3 200 376013278_862017881939880_5524449069099243869_n.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 8 KB
9 KB 10ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/376013278_862017881939880_5524449069099243869_n.jpg?fit=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4c9ae7fc0d03bb486ac6c6cb515307e0f05700036c4343d79955bb3b8ec18f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8646
x-nc: HIT hhn 4
last-modified: Wed, 17 Jan 2024 01:31:06 GMT
server: nginx
etag: "6e17cf0932d88175"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/376013278_862017881939880_5524449069099243869_n.jpg>; rel="canonical"
expires: Fri, 16 Jan 2026 13:31:06 GMT

GET
H3 200 guardiola.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 4 KB
5 KB 9ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/guardiola.jpg?resize=150%2C150&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

0518986d737ac1fb67cd0692504fe8196dc8927aefe37a95c720bbbd33b48aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4364
x-nc: HIT hhn 3
last-modified: Sun, 21 Jan 2024 10:25:39 GMT
server: nginx
etag: "e89f260ec1d66027"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/guardiola.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:39 GMT

GET
H3 200 ederson-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 5 KB
5 KB 9ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ederson-1.jpg?resize=150%2C150&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

432438d097f89d910b1a48efe9edb09d36366c6ef52ac68f18bbbaabe6aab770

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4954
x-nc: HIT hhn 1
last-modified: Sun, 21 Jan 2024 10:25:39 GMT
server: nginx
etag: "46bcad1f181d3605"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/ederson-1.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:25:39 GMT

GET
H3 200 Papo-de-Boleiro.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/04/ 4 KB
4 KB 43ms
42ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/04/Papo-de-Boleiro.jpg?resize=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

fd2117263b7bf39d5787073ac9a4bf5508365314b22f45f166e3a28267aaef9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4024
x-nc: MISS hhn 3
last-modified: Sun, 21 Jan 2024 15:47:13 GMT
server: nginx
etag: "c28ed81e8a71eadd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/04/Papo-de-Boleiro.jpg>; rel="canonical"
expires: Wed, 21 Jan 2026 03:47:13 GMT

GET
H3 200 Coroa.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 7 KB
7 KB 45ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Coroa.jpg?resize=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c5da4d86ddc25c7f02351d98321339664a6e9120bfb940c4edda52404e00a41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6700
x-nc: MISS hhn 4
last-modified: Sun, 21 Jan 2024 15:47:13 GMT
server: nginx
etag: "ebfde3f3d0df330e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Coroa.jpg>; rel="canonical"
expires: Wed, 21 Jan 2026 03:47:13 GMT

GET
H3 200 Coluna-MG-5.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 18 KB
19 KB 53ms
50ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Coluna-MG-5.jpg?resize=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

586d3f9bb43a51e438aef34b4bb61e7ce9d4bb0dd8b85c5f31e2e2fd069f0358

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18790
x-nc: MISS hhn 3
last-modified: Sun, 21 Jan 2024 15:47:13 GMT
server: nginx
etag: "3ebb58aa51cc7637"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Coluna-MG-5.jpg>; rel="canonical"
expires: Wed, 21 Jan 2026 03:47:13 GMT

GET
H3 200 El-conde.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 6 KB
7 KB 25ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/El-conde.jpg?resize=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

eb5916ab78f83bd89c185163938f4477d8cb6b13939202cb89711efb139d67c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6516
x-nc: MISS hhn 4
last-modified: Thu, 18 Jan 2024 18:22:39 GMT
server: nginx
etag: "47d0ceaa70591558"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/El-conde.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 06:22:39 GMT

GET
H3 200 Coluna-MG-4.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 14 KB
14 KB 125ms
122ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Coluna-MG-4.jpg?resize=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

2f92716194f78bc2b3ac23ed75b3f93428e39dc8e5a957682da7e0b0477397db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 13998
x-nc: MISS hhn 3
last-modified: Sun, 21 Jan 2024 15:47:13 GMT
server: nginx
etag: "f908dc2d57af6924"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Coluna-MG-4.jpg>; rel="canonical"
expires: Wed, 21 Jan 2026 03:47:13 GMT

GET
H3 200 Tempo.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 1 KB
1 KB 39ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/Tempo.jpg?resize=300%2C200&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e93df28782512489f77ecbb0c00434bd0f1251a8b6811201b6e3bb0b4c7ae6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1132
x-nc: MISS hhn 1
last-modified: Sun, 21 Jan 2024 15:47:13 GMT
server: nginx
etag: "76e10a11bfe10743"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/Tempo.jpg>; rel="canonical"
expires: Wed, 21 Jan 2026 03:47:13 GMT

GET
H3 200 golpe02.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 20 KB
20 KB 13ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/golpe02.jpg?w=1170&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c3a87de4c18e1a374d97c070deef50ec2583dfe0a8086bba138568e9cc5d29f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 20180
x-nc: HIT hhn 2
last-modified: Sun, 21 Jan 2024 10:55:38 GMT
server: nginx
etag: "2c8bb6c3b3ec9911"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/golpe02.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:55:38 GMT

GET
H3 200 gonet.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 9 KB
9 KB 11ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/gonet.jpg?w=500&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c2a9f5b83818cd82df292eb504ed5520cffc368581c7a0b1ec120b5d94215bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8830
x-nc: HIT hhn 4
last-modified: Sat, 20 Jan 2024 08:25:44 GMT
server: nginx
etag: "0060c7f1cf578443"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/gonet.jpg>; rel="canonical"
expires: Mon, 19 Jan 2026 20:25:44 GMT

GET
H3 200 haddad-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 64 KB
65 KB 13ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/haddad-1.jpg?w=1170&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

23e596df288f0be8c6d113969f6b2f8d36e74ae938caebe6e2b6edb9fbfdc7b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 65840
x-nc: HIT hhn 2
last-modified: Sun, 21 Jan 2024 10:55:38 GMT
server: nginx
etag: "eea5f0898484d272"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/haddad-1.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:55:38 GMT

GET
H3 200 bigtechs.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 77 KB
78 KB 14ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/bigtechs.jpg?w=1170&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c6c55295f1bd6a194c3b55ceb27de3b33dddc1ba9aa160883ed2d7987ab6ecd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 79178
x-nc: HIT hhn 2
last-modified: Sun, 21 Jan 2024 10:55:38 GMT
server: nginx
etag: "e3e6ac6fb6d296dd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/bigtechs.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:55:38 GMT

GET
H3 200 tcu.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 43 KB
44 KB 18ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/tcu.jpg?w=1170&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

7c360bcd0e400c002d3c26c250ef279510a268eb75e7aa2a03205c063e8e6a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 44486
x-nc: HIT hhn 1
last-modified: Thu, 18 Jan 2024 20:45:54 GMT
server: nginx
etag: "d09c94c41756113e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/tcu.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 08:45:54 GMT

GET
H3 200 receita.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 39 KB
39 KB 16ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/receita.jpg?w=740&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

33ad90c829e669ba81e6d1cd4bb129fb5fc348b5e4742de6c613475a0a19871f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 39456
x-nc: HIT hhn 3
last-modified: Thu, 18 Jan 2024 18:52:24 GMT
server: nginx
etag: "bb7458f90a81f8fc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/receita.jpg>; rel="canonical"
expires: Sun, 18 Jan 2026 06:52:24 GMT

GET
H3 200 thiago-1.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 39 KB
39 KB 15ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/thiago-1.jpg?zoom=3&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1b9ede9b5664a2a5cc12104c719d7d32b7b93752c5060ee2bd7e6bd989cb0f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 39730
x-nc: HIT hhn 4
last-modified: Sun, 21 Jan 2024 10:55:38 GMT
server: nginx
etag: "ed8fb670fd8e4878"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/thiago-1.jpg>; rel="canonical"
expires: Tue, 20 Jan 2026 22:55:38 GMT

GET
H3 200 chuvas.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2024/01/ 83 KB
84 KB 21ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2024/01/chuvas.jpg?zoom=3&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1320975328f7fbae15798e2467ac7c151c798548f6288bdc8539a64f7573805c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 85150
x-nc: HIT hhn 1
last-modified: Tue, 16 Jan 2024 04:34:05 GMT
server: nginx
etag: "5ce62416c222220b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2024/01/chuvas.jpg>; rel="canonical"
expires: Thu, 15 Jan 2026 16:34:05 GMT

GET
H3 200 pexels-jannis-knorr-2933243-scaled.jpg
i0.wp.com/drd.com.br/wp-content/uploads/2023/12/ 91 KB
92 KB 19ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/drd.com.br/wp-content/uploads/2023/12/pexels-jannis-knorr-2933243-scaled.jpg?zoom=3&resize=350%2C250&ssl=1

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

5343e20370d6c0cf887cc958f4dba759b230c41a7aff4dbbfb8215d40284df41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 93472
x-nc: HIT hhn 4
last-modified: Fri, 12 Jan 2024 00:33:51 GMT
server: nginx
etag: "ca6ae7c49918942e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://drd.com.br/wp-content/uploads/2023/12/pexels-jannis-knorr-2933243-scaled.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 12:33:51 GMT

GET
H/1.1 404
Not Found media_w1969103430_17174.aac Show response
5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/ Frame 635A 0
397 B 95ms
95ms XHR
text/plain 135.148.100.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/media_w1969103430_17174.aac
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.148.100.137 , United States, ASN16276 (OVH, FR),
Reverse DNS: wz3.dnip.com.br
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length, ETag
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 0

GET
H2 200 39934521.js Show response
js-na1.hs-scripts.com/ 1 KB
787 B 152ms
133ms Script
application/javascript 2606:4700::6810:bf59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/39934521.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1705851900000/39934521.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9d5725420abff58c3ce7fa0515fa6ba9f047c265a4da376146861712a383ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6fc29a16-eac2-4df5-ac90-4ec419260042
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6fc29a16-eac2-4df5-ac90-4ec419260042
last-modified: Fri, 19 Jan 2024 22:45:56 GMT
server: cloudflare
x-trace: 2BF244E27CF9A268647C4ACD9FEEBA52A7C5FBA966000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://drd.com.br
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-kz2n2
cf-ray: 8490b1cacb5e6ab8-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 184ms
153ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3725600676&v=1.1&a=39934521&ct=standard-page&rcu=https%3A%2F%2Fdrd.com.br%2F&pu=https%3A%2F%2Fdrd.com.br%2F&t=DRD+-+Di%C3%A1rio+do+Rio+Doce&cts=1705852033697&vi=2cca1dc1946aaeec938d2443bb7e10e8&nc=true&u=104920860.2cca1dc1946aaeec938d2443bb7e10e8.1705852033692.1705852033692.1705852033692.1&b=104920860.1.1705852033693&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8697dbfd-6b4b-40af-8f25-f59857cfc0fe
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 26
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8697dbfd-6b4b-40af-8f25-f59857cfc0fe
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuvBBU4z1ZSnyoj4ybApP84reF77Y%2BGHNFI29iAlJ3vSGJfDE8%2FGwqCxr4NIc3gGhwJbExfF%2BEpo4UT5TUHLtS8xQsmqHvNP%2BEoVa%2Bce%2Bb2%2FcIuLexJ7dQeqtr4WMpsSYLlBORfyUWy%2F8325Dceh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-865d96945d-k44zc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8490b1cadbad1bdb-FRA
x-robots-tag: none

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 44ms
18ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 07:06:09 GMT
content-encoding: gzip
age: 31264
x-guploader-uploadid: ABPtcPqVQowqj6p4LjUwo7Kj9b8DRZHeA5JY4v2Y7jBBObJQzrnNJ4fvaTU1fsfpYAFx8v_-BR1-W2Lq0A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Mon, 22 Jan 2024 07:06:09 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 120ms
73ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f37927ee66be77b99b929683f16baad30db8c1015da51990ca213737ab0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12396
x-xss-protection: 0

GET
H2 200 container.html Show response
d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F628 6 KB
3 KB 17ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:13 GMT
expires: Mon, 20 Jan 2025 15:47:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 19ms
16ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:48:13 GMT
content-encoding: gzip
age: 64740
x-guploader-uploadid: ABPtcPrsgvpfafCbpLlXj-wSnM3Ia_xBjz2PMUsgtxAHMJGAZ4-JoGXTgkD17RT50TFk6ym43OEN4ls2Vg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Sun, 21 Jan 2024 21:48:13 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032401091919000/ Frame F628 196 KB
56 KB 89ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032401091919000/amp4ads-v0.mjs

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b197be9f7e01b66185d803a6621583ef198bba6596cc028dd17677c82d8a0233

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 00:10:10 GMT
age: 401823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56089
x-xss-protection: 0
server: sffe
etag: "909fcb7b3896445c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 00:10:10 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032401091919000/v0/ Frame F628 15 KB
5 KB 127ms
55ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032401091919000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 00:10:10 GMT
age: 401823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5212
x-xss-protection: 0
server: sffe
etag: "d5f0e0ea1e5219b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 00:10:10 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032401091919000/v0/ Frame F628 95 KB
29 KB 119ms
49ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032401091919000/v0/amp-analytics-0.1.mjs

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 00:10:10 GMT
age: 401823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29119
x-xss-protection: 0
server: sffe
etag: "7ed328db9ca95286"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 00:10:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032401091919000/v0/ Frame F628 5 KB
2 KB 124ms
54ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032401091919000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 00:10:10 GMT
age: 401823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
server: sffe
etag: "b1b3f9c71858a21a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 00:10:10 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032401091919000/v0/ Frame F628 40 KB
13 KB 127ms
56ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032401091919000/v0/amp-form-0.1.mjs

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 00:10:10 GMT
age: 401823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12971
x-xss-protection: 0
server: sffe
etag: "0e9793e292f94cd9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 00:10:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F628 4 KB
751 B 28ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 15:38:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 15:47:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F628 4 KB
728 B 28ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 15:03:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 15:47:13 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F628 3 KB
3 KB 66ms
19ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 20:50:43 GMT
x-content-type-options: nosniff
server: cafe
age: 68190
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sun, 21 Jan 2024 20:50:43 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F628 344 B
714 B 65ms
18ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 74750
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sun, 21 Jan 2024 19:01:23 GMT

GET
H2 200 6384120009881414670
s0.2mdn.net/simgad/ Frame F628 170 KB
171 KB 69ms
16ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6384120009881414670

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9e26b439580ad8452ffdc882d161e927706705bc7189c75a68d8ed5ed31df74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 20 Jan 2025 09:10:51 GMT
date: Sun, 21 Jan 2024 09:10:51 GMT
x-content-type-options: nosniff
age: 23782
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174531
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 16:52:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14384880721180863590
s0.2mdn.net/simgad/ Frame F628 22 KB
22 KB 118ms
66ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14384880721180863590

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab5e5702e60b7c87702434c7516b8faa6282bf0c7aea5fecbc02e883139acf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 19:15:40 GMT
date: Tue, 16 Jan 2024 19:15:40 GMT
x-content-type-options: nosniff
age: 419493
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22045
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 06:24:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 204 l
www.google.com/ads/measurement/ Frame F628 0
0 25ms
24ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3pczNovQx6UIDxl2om91wJRaX_7Ouk_G3IwQHBFL2EtLbbdXlklDQHNBGDjlU0I5wZE70dPINRHUM3nKDuPsSRhxQrg
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 u Show response
b.t.tailtarget.com/ 76 B
506 B 198ms
137ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tteurekaads
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: eb972584888cb7a143b5b406d5b8bd21fd9042e6c6c35a10311ca7aefa24ba41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame F628 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dc104b7388a9d1d184b265b9a3597fd9f1fc749fd8c056cb170ceff39900caa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F628 15 KB
15 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:46:50 GMT
x-content-type-options: nosniff
age: 396023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 01:46:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F628 16 KB
16 KB 17ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 20:44:46 GMT
x-content-type-options: nosniff
age: 414147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 20:44:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 15:47:13 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0DAC 13 KB
5 KB 18ms
17ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 14:44:27 GMT
expires: Mon, 20 Jan 2025 14:44:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AB72 829 B
560 B 25ms
24ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b5faa93319b6d575b766834cf3c4a10cb969be3e07842f247b6171bc97c58d5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1Ws-SmVECyQOEGoPtRRsQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1Ws-SmVECyQOEGoPtRRsQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:13 GMT
expires: Sun, 21 Jan 2024 15:47:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F628
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

28ms
28ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 21 Jan 2024 15:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AB72 0
0 189ms
160ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=809282911772198&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DAC 39 KB
15 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 12:30:21 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame F628 42 B
235 B 45ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFy5dHTmXgLyTQg0-MmeCTK6ggslidygWGGIi6bB_WS8m_GYI-jchJLF43v75kljKYxF2BE1MEwvm2Kyj683AelWmy0r3OOgdsm3sXGg8NNjMzuJ3Vdcr9d5ZXAtFiDsoVUwK39nZsi94k4ZzLNofJxA8ld6z_lwNaHgcJ2iJF5H5v8vQ&cry=1&dbm_d=AKAmf-BxaDWBqyO0bWNWX61o45LqGfCZj0k7kMsfwnBTgHaNABXbhQvbdEjXw_lKWvBzQMXZI-yLqZNP2ByCTVu7s8v1cJJfyhYKyP3MVWVvMl82Q8THoFsd6ymusBOTLKMJ4Cnfjkd3zXz77nU-24F9WB5RK1sQ4DnP0sJSNPWQ6LyZF0MKd0Ko0HQWzGJ1FaP_50-xhg0fxQNKmfcai2VV4s2yvrZ8LbS99kKSdn2oe3ST5J-6ssMKiSDXk7CYNtnl7voZWhY2L1bSkpS32BdousB2OeknOhXgXB-gBKTlAsou29jQyFt_SgTmquG1c4ccKEL9TNFwMVJbL0yA4KPGZ0Bx_jiG3xzSKMcdozyXv6acY1w2iOuYgZ5tJPFDm1QkEqyhw73jmk_1oz3vGjBqQOcxLTrJSaF9Lx2EifZ-lIzylxBfAtyGIRCHDq_FSL5UggFZx8Nb7YD6iQiWxL-exaXz15jGcjv43jKCCnHqfawAlUV7nZXN3I3GnuwzT3Aj8_kkiAQqVyYMlZFV2mT2aV5uH8ASvsgYdXZS9MmMdyfMw8RllKp_cEGMwQxGip9MvgrV1EnPr6400UIbXU3RGfvG-Nz0xOcNSd3Z68ghkpznPcyBIdzGS_FSRRVr8LCGAoHHkBz_a7XAI-GeUCUjQMZQst-YaPe6wjWQ5fNObJP5_sxEsPulVqiaWhsC6j_BpTBuD490NpYiqWMqJiYp8Wvdo5LLhHWzUOqSx2x-qEcUDtC_9GFMQpnDjVWlcr4pm1m0P0817JcL716z1-FkesQ7hXABo2s4XU_c37IKnZ0wyF4DL8-UQZSXZ31Y8dR1sVy25kuRjtbTic7NZe_IqiGtbXqGygy3m3Kr2XC9hYlx2m3BOCGJB36CaA4IOgcRh9TauzF_GkI6E49SqBwUAZcUhVUwhvbWrTs-ypRDdHEALOybeBhb2EVyXLjBCR9ThYBrI-vmtVMTj859lxBKhdpqPI0fmIroYe7QU04oRQ2juhuhg9qqj1qEHYpw5fy_vyH79G5pH3QR-5uvb9a-zeLScMvmPHepGgF5B05sjnDDVakp085EDgHqUGkL2AoY94hXKxIJCNLJ1WBvjaFm5wgmBJLy6ycck7P_d9j_Sd-HgdLauWMdYSDRaADeKA7iVLqkB4ZM30nJhCTLs3zGfwJsvN7ttWdg_7PlQXPazxWwyt1LkMj2XAMMugiq3QBE7zZccSjiX4Fvao4K_px7EwCelTGYCbtCFGHxL8_m8IjMpSxKP3eKGMc2KQLOIXfl0ZqBe1QB_6__AcDt3VI0uX5OhYv_pIvyDJsIvTp4N7tBdIrvDEJeNqQJu-av8x6I1HPdBOTiR2Ndo2qOXpHy1Sna-h5TIuxSD5WSo1-Z65bgLsLMZKjVuhw-zboCuCU7tm8ulhHCIp7NtC_AEaYeXy7kPIBnH1gGlubWGMWPTnbloQHdHg7lob1p5EAaVuw_T9GRfcjD2Bk-qtyNIPIvLjVRC0WwMkp85u3ahfxkM8ObSRXyY-flb32-2f6H8PltT9q1fX0AsXENuRMbJTCrdNWG5kHNqoYt6kdJmMj-8UmglBHOEOnzq5fMYPIv0raJlIYYQAvL2ZxMp4Odnt8g-R1nxR5FoxWpSsFqQmfhIKU_jZNfABz0TLaO_cx-vh5XSOXRUVZvSjYuwdyq61LGZ1rcyqKgfxtC-csowT6NgLVaMGpsTE8J4_aVnQ2v03Minp8bKpmcegbX1R-AQyh-xwGX4Oxu0b-Q9m15ESSm89qdZWwfHbvnCco_CQ51xzxlBCTUzCg2e2YlDyCdIejBkbExc2jjzvMCzlizOUOc86NdR-1iUDLDJFZ52jLSD_i5aBSy41C7T13CTvX-jsYlo-wgu2XyMgyy2C2xVBi8F0wTBuOy5W1WldxWvHEL315RwL9pDGmUkvsY5Esr2l8YkyFWn7BHFp4Y1Gkaxei8FysQSn2O__U4m-KY-ZtwGxCRnGnZhvBm_0HBWIL4BVkmb0f4bODzNA_Wv0EecUHUb8uo3q6xBGBIHqxJUz2vDht1wMElad7fx25L0Lyiq851sLgo-jRF0nfccGMeYbO30HLvWhDe2Vpnv8EgmMvL6-rkLPPRfdx5l2SIGDonLhCWZo6jcd6tLE3mNxerGmP7lQ-EroF4AqqXU0lSMhbjr404Zeo1cAPZRvckaIchdyGXyNW44wRgUim1rl-xKO0zDpeYeQjnEzCILtRL-4iAgYqXJe9YN6er_Uo7EXkWT54YGTVnfHHBnl6eEyaksTE5YbxcPwM5oY5IQ9SM3ZPhu69867IuNNuHqzD_mBC4Zsuy6r9yJ37Y9aj0bsH6Gm9t7zx-n9eWe1-Bn5Fy50mly5CaWwO4sf4Tt2oDgc3PEcvt3ChY-8yW1Q0MTER0T1bV1czM2CazdLDckwgEGznblaX-Z7qaCcizxCO5l7_nfQ7aL1QF2mXMy6jJckh_MWGRih5yYoIBK8SBGjdNY6ijo_08SsCjXmTzGDJi1LB9MWrv-o4Hn2iQT9OfwL5DjZghkfnkOkv7pe5b2zxEaR0ZT4yJ4rKMPgZ5nGusbEmUWbA8zHY_omRn1MZSNdSM-dzFJWbO99loqhMpHQi2ZT-D7pCV28OmWb7R_z2M7fEbrid2dtqNcqNmRLZ__diroDwYw1t7f39yi55g6Qp2crADtiHPw8UDMDfMG4vsCZGCT3mJjyWuMHgjL9OMyqioN-MTVlKc36lhjhtLRIxe8uIIwuuCaCn-_hdsVjR3AzVk49nobyp_Lmf2jythLQRr3OPaxnAkkkU-sin7SshutNiMGbUOj2aK7GlIoNUwa-kMQqnh-i-Y3yjxyphGkOumxcdy26YO_8EWQFAZCLUYpIiqJN6vkq-6nQdq4lcmrA4MQ4w5bNDLG7Uc2UlFIoG6cRI4aL4U2b3Wvw0PPtN1_GbhOLxbTC4jiOqo9eulzW5FUAnhjjDlKWHr5RbcxylA5vPSQD1FtlfuQtAuQozhhaXi8RgK8lrLK8mx_qOypnPnMBu80jS4Cf2EGNhkXlaLFrgwF4C6A4ChBlszx0H5wHsGXZPlMg91oHqzf5AI_xkvDBzvVqnzlK9S1m0boZsfzO4hovrlEFd7OSFUYZUbVqmyGw6Gyp_Ks_QfTzrT1xGK_KguDURAx-TJOyIcr1YfZBw4r-inhV_3fapCp_e-q6h6oZp-Vp4Uxn3ErV-F1M5V2IDKSgiVEEZ66HXGe_a7RPfdrWI9fgzPVHefX0bzHt_AgMyQept8vSWGht51xbcA5-aVU2KSp2HeQ0eFI64WwOzJ6yy3qYtki0CIXCaWBQzkXFU22PyVcjjWLc4IdhIla6kZbPwjWRvTChxzL1p1I-fwioNTMwVQ69ROVYGghTwniviq0qgHdNCPyLt8ul98A3NY5edqrDCcqB84AGpbv7566Zlpt2fudpqZ6Zw8sCkmVrHso8Cf9z9wQoxwkE8KslcYncJm2QSKmParPOpu7NoWtFAR70kY4DyRB3ry-ac3IToB85AHt0zVSkIxHjq6HHC5jtGaoKsCh5nUeEEG5RsBxJeep4E_0NSQ-AjGV2MQQ7xSV2g_IoDvRmthQHylB_EgY06iFsIan-gYyiZPnU3gaAStxXVkSI3VSnkm9VSfUA4s2auLTFR_3L0GL_Ik2UOUYhM1c5UgwSRiS0hYH4OlOUPdaAKLglguPuTdTqUrh3VVKtP3zT_82IoPkagvUkYUmp2hsSHa3bvXHNcxF3vmd1VzOduvilJ7SsEbsUd4n52nHk9T3XgenyhCT52Y6yJHWPJ14bJySNQyst72rKfRNRded51RG6cv_2oB6GJ4MDD7SfSkjK9KVgS5nF9kLY8xSzVkDyUInhZRI2KK7ygWE5fnExgLnJlcsUruUWqB0ZLoX7CrUs5XxXqkLYd5dga8tZ_KlhC-jhvjYn0DaIfEk31g-N9c3iGHUsXvF9ItZkoS7vrdbolEwvvNwpyKCKC9UTmEhdAtenQp-4lV9Oq1moJ92m1YJvk5c1YW0axn0QUIivXksodGiUQGLf6rLvZNllt-eVmNE1JxLi9vKx5v4hgwBUl00biqXMLQIg2R58heOMnSQgvb4mrYpiCvtiECbo1kac0iywgUVItG26P0PFohjLt1-mqaGydWopfGYHdpp0XrE8s6mS5dHIZTPxl9XV1VRveLc1aggEBm_bgJieCXhoF0DnryCsWyIn526xWgAh6B4swtlNtGv9Pc4i1iP3_utxy252A2hk2DBTnAKkCJ6mRA-AnU8-LAqnFND__sjb9zp-OcFDwt-QdgVCieNslFyimbLP7e64bBpv3SvKCsPmMy21ala4WohBDD2RvP4r7e90LmPNMoCHDCUq5W451VDXZRvy6ooj-sXN3fREwMmxFuU9BOveuYwBWuFXZH8rROlVQhElZlwLnZ5m2M3ul5xt0BsdYLoD09mqiYA0UiX2qRs9s&cid=CAQSOwAvHhf_6mnK3H7Bdgws55LpJ6mgLOM1R6-BthhZBukFn11psmUrxWEL77T3qd38dkvxPX-pJQfJRbfcGAE&dc_exteid=31467415893873924725029901651483809&dc_pubid=4&cbvp=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F628 0
0 51ms
50ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-dzcgTytZfq0HMmN7_UPpMyAmAnVkdqiddflmo3sEoOb8uKNLRABINbOt05glYKAgKAHoAGhsdTCAsgBBqkCnYpr6GVIsj6oAwGqBJICT9BGMhIgElUllQvBcTNLpLROavX13Wb0KrgxlRGBT3urC0F_ZWHMhsRYdsDMepsU54sFgjkN_Ibpk2rgTIkYGNR6Hr2Vz_G2Bhp8vJK3gH0sBH2Lnt0wI6L2-5ccYJ7OwrWJICzmOqFI50IWpDGFO2of3XnpAI2ezfEhOu8ofAIBQKH68HlmDrY5Zy_jS5l_BTfvP4P-WQFe92moBYvt473Fh5Ym3KAvF6Fmz0Gfy8kGsu5vH9IpA6qj4ekIdmNhtLXwBKpeZPPhn0mng8c28jB1EqMcvhNmDUybNDHMJ3rf2lsAfZwpUGCVScZjmLUJInoNn9drPMgt35TwRu_S7cBry_ZkNwRLatbx2i8y1KOgy8AEotiRt8kE4AQDiAXc1ZD-TZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHx86rvQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHChDFoQgYxfaCgwLSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI-t-IPq7oMDmgmXAmh0dHBzOi8vd3d3LnR1aS5jb20vZmx1Zy9mbHVnYXVzd2FobC8_b3JpZ2luPUZSQSxEVVMsQkVSLFZJRSxIQU0mZGVzdGluYXRpb249TFBBLEJDTixQTUksTElTJm1hdHVyaXR5PTE0JmpvdXJuZXlUeXBlPVJPVU5EVFJJUD9jb29waWQ9RFBBX05fUFJPX1RVSV9URk1fRFYzNjBfVUNfQmVhY2gmdXRtX21lZGl1bT1kaXNwbGF5X04mdXRtX3NvdXJjZT1wcm9zcGVjdGluZ19EVjM2MCZ1dG1fY2FtcGFpZ249dGZtX1VDX0JlYWNoJnV0bV9jb250ZW50PTEyMDB4NjI3JnV0bV90ZXJtPWZsaWdodIAKA8gLAeINEwiD1PiD6u6DAxXJxrsIHSQmAJOwE4WSoxbIE_TFluQD0BMA2BMNiBQF2BQB0BUBgBcBshceChwIABIUcHViLTU4MjIyNDM2MTA4ODA1ODMYz9Rp&sigh=3NHlla8DLGw&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwAvHhf_6mnK3H7Bdgws55LpJ6mgLOM1R6-BthhZBukFn11psmUrxWEL77T3qd38dkvxPX-pJQfJRbfcGAE&template_id=509&vt=10&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 b Show response
b.t.tailtarget.com/ 135 B
552 B 114ms
112ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-11382-4&tY=1&tS=3&tU=0100007F813CAD65820621B50206064C&tX=b.52&tZ=118969211&env=_ttq_tteurekaads
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: b89d4bbd003edf2dea330ce59f45f18ada605d4b61d571ae9ee8839e71c14727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0DAC 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wr6crg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ca Show response
tt-11382-4.seg.t.tailtarget.com/ 83 B
335 B 137ms
116ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-11382-4.seg.t.tailtarget.com/ca?tZ=891971470&env=_ttq_tteurekaads
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 6223565c36aab19351d435b950c432671cf3e465df310fc29fdabfc320d37a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxURaQNggjgOSDw5Ub_BLGc2qe_W0W7vMh8zF0ugqc-QbqAGYJlHEk8Jpa0eGD7c5axN1yAI0hEiTtgnlENYeOpg5HEXSECjXkhc9n5t70tlxUUTBErL0J2J8bqJFue1gxDumbsEoXeWg4aic7PpnWYT0OCOa... 54 B
109 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxURaQNggjgOSDw5Ub_BLGc2qe_W0W7vMh8zF0ugqc-QbqAGYJlHEk8Jpa0eGD7c5axN1yAI0hEiTtgnlENYeOpg5HEXSECjXkhc9n5t70tlxUUTBErL0J2J8bqJFue1gxDumbsEoXeWg4aic7PpnWYT0OCOaTWMIWarZvev4KDT3LvSeA2e4DkQnldZ/_/xbanner.js/GoogleDFP./468x72_/mydirtyhobby.-ads-master/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxn6_Df_ZAdd726ZYUhIgFMFxfMig/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca2ee41de2f8efcd10b5dde5aeb4ab14c975d8b2003f5160898b5f2e48d21194

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--11au7BIjzLA9dnSsSPZ8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--11au7BIjzLA9dnSsSPZ8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 14:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:58:15 GMT

POST
H3 204 AGSKWxVhRICAHygjBwnxLL1yALp1ixfoUUlTRjFjCjrpuOPQgVcyOynNM-1XzTmtpqF8NWM_jNJIU36TM5Z0VIyggC5_bKqtAboOuNkmnfSpNNYuhrTHfaMwEpr1IsW3h0H8kke1Nymmkg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 55ms
25ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVhRICAHygjBwnxLL1yALp1ixfoUUlTRjFjCjrpuOPQgVcyOynNM-1XzTmtpqF8NWM_jNJIU36TM5Z0VIyggC5_bKqtAboOuNkmnfSpNNYuhrTHfaMwEpr1IsW3h0H8kke1Nymmkg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sLNYiHDVmAOUbIJAog4DYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sLNYiHDVmAOUbIJAog4DYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYHEVn8HqC8RTAmewzgFip_QZrAFALMTD0fRzy1o2gQv_TjYxAgCxHh5o"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://drd.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0DBE 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:13 GMT
expires: Mon, 20 Jan 2025 15:47:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 0DBE 4 KB
671 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 14:21:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 15:47:14 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 308A 9 KB
4 KB 98ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 22:51:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Apr 2024 19:07:52 GMT

GET
H2 200 28f12ab4430160ff951d347f758c0661.js Show response
www.gstatic.com/mysidia/ Frame 308A 119 KB
42 KB 102ms
19ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/28f12ab4430160ff951d347f758c0661.js?tag=leadgen/frosmoth_image

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80be6b743dc602a53fa769ab4661a65895d5d6a41b1b443d2272eaf8d61aacd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42749
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Apr 2024 17:36:01 GMT

GET
H2 200 d0c418fd7c3c9b1fa25e4b07b8f8ee33.js Show response
www.gstatic.com/mysidia/ Frame 308A 20 KB
8 KB 119ms
36ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8305
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 22:51:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Apr 2024 14:42:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 308A 20 KB
2 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7CRoboto%3A400%7CGoogle%20Sans%3A400

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8936a6938f2dc15cb1bab8b433e906b86cb94cdc559de5a580e6eb434749b79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 14:13:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 15:47:14 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 308A 27 KB
6 KB 75ms
71ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Jan 2024 19:07:54 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 308A 51 KB
11 KB 65ms
61ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11146
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Jan 2024 23:43:42 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 308A 18 KB
5 KB 68ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:27:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4739
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Jan 2024 23:27:39 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 308A 103 KB
18 KB 68ms
65ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:41:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18791
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:41:29 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 308A 58 KB
10 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 17:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10107
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Jan 2024 17:24:35 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 308A 31 KB
3 KB 55ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 11:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3021
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 22 Jan 2024 11:58:36 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 308A 3 KB
791 B 44ms
41ms Stylesheet
text/css 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 09:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 766
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 22 Jan 2024 09:13:56 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 308A 2 KB
636 B 62ms
59ms Stylesheet
text/css 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 02:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 22 Jan 2024 02:38:46 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 308A 37 KB
4 KB 61ms
58ms Stylesheet
text/css 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 17:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Jan 2024 17:08:59 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 308A 51 KB
5 KB 60ms
57ms Stylesheet
text/css 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 20:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4595
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Jan 2024 20:39:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 308A 2 KB
822 B 28ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H2 200 e9e356ec41155b008235c83648cb19be.js Show response
www.gstatic.com/mysidia/ Frame 308A 23 KB
10 KB 93ms
15ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9e356ec41155b008235c83648cb19be.js?tag=exit_2019

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9775
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Apr 2024 19:45:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 308A 23 KB
9 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 308A 3 KB
1 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 10:38:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 308A 20 KB
8 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 308A 0
0 63ms
61ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThDFnTwcKO3Mn1edBlH3vVXUs_S4_-8hI6vrcdAtqpLPThlszitEnJyAgMEG52QFuXvR_xpu4K6V9USS8SSf7_lnJhiQ
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 308A 206 KB
65 KB 111ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:47:14 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 0DBE 22 KB
9 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:42:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:42:53 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0DBE 205 B
520 B 111ms
41ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:21:40 GMT
x-content-type-options: nosniff
age: 393934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Jan 2025 02:21:40 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0DBE 604 B
695 B 111ms
42ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 04:40:19 GMT
x-content-type-options: nosniff
age: 40015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 20 Jan 2025 04:40:19 GMT

POST
H3 204 AGSKWxVhRICAHygjBwnxLL1yALp1ixfoUUlTRjFjCjrpuOPQgVcyOynNM-1XzTmtpqF8NWM_jNJIU36TM5Z0VIyggC5_bKqtAboOuNkmnfSpNNYuhrTHfaMwEpr1IsW3h0H8kke1Nymmkg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 58ms
58ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVhRICAHygjBwnxLL1yALp1ixfoUUlTRjFjCjrpuOPQgVcyOynNM-1XzTmtpqF8NWM_jNJIU36TM5Z0VIyggC5_bKqtAboOuNkmnfSpNNYuhrTHfaMwEpr1IsW3h0H8kke1Nymmkg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i75a_H0JUqWLXlXCXwdUgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-i75a_H0JUqWLXlXCXwdUgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYHEVn8HqC8RTAmewzgFip_QZrAFALMTD0fRzy1o2gQdtGxcwAgCxCB4L"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://drd.com.br
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVhRICAHygjBwnxLL1yALp1ixfoUUlTRjFjCjrpuOPQgVcyOynNM-1XzTmtpqF8NWM_jNJIU36TM5Z0VIyggC5_bKqtAboOuNkmnfSpNNYuhrTHfaMwEpr1IsW3h0H8kke1Nymmkg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 58ms
58ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVhRICAHygjBwnxLL1yALp1ixfoUUlTRjFjCjrpuOPQgVcyOynNM-1XzTmtpqF8NWM_jNJIU36TM5Z0VIyggC5_bKqtAboOuNkmnfSpNNYuhrTHfaMwEpr1IsW3h0H8kke1Nymmkg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XkN4dmyP1JI98qiQF6_76A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XkN4dmyP1JI98qiQF6_76A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYHEVn8HqC8RTAmewzgFip_QZrAFALMTD0fRzy1o2gQOrjyxgBACxNR4j"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://drd.com.br
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVhRICAHygjBwnxLL1yALp1ixfoUUlTRjFjCjrpuOPQgVcyOynNM-1XzTmtpqF8NWM_jNJIU36TM5Z0VIyggC5_bKqtAboOuNkmnfSpNNYuhrTHfaMwEpr1IsW3h0H8kke1Nymmkg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 59ms
58ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVhRICAHygjBwnxLL1yALp1ixfoUUlTRjFjCjrpuOPQgVcyOynNM-1XzTmtpqF8NWM_jNJIU36TM5Z0VIyggC5_bKqtAboOuNkmnfSpNNYuhrTHfaMwEpr1IsW3h0H8kke1Nymmkg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fejez4Wm65-kRm1Zbx28_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-fejez4Wm65-kRm1Zbx28_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYHEVn8HqC8RTAmewzgFip_QZrAFALMTD0fRzy1o2gQeTGxYyAgCx4x3s"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://drd.com.br
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUaapmpYRw-l-tbC6SVXk1CUrOFkLxvFx5spK-ityKGNGkYqBw2Wb5AQ6y3k3AT-pZNdsloaAWLMz1M7uwqWKBWMp-YVhTlro1E_IRXF_dbypFP_hbAyKFD6DtHN5lWXcqJ_kz4Rg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUaapmpYRw-l-tbC6SVXk1CUrOFkLxvFx5spK-ityKGNGkYqBw2Wb5AQ6y3k3AT-pZNdsloaAWLMz1M7uwqWKBWMp-YVhTlro1E_IRXF_dbypFP_hbAyKFD6DtHN5lWXcqJ_kz4Rg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1ODUyMDM0LDMyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZHJkLmNvbS5ici8iLG51bGwsW1s4LCJraEp2RGVGc21iUSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e701168e653ce9232ac71665e86bd1fac354728c10b1d34809108f386d4d707

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-o6SRkBRvnmHXr-CdexPEjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-o6SRkBRvnmHXr-CdexPEjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXFAi07YpI5HfWOG9v661ZvHf-_6WvAFf6fl56IkR_tZI6Bc1e0tI7jO-iyZQTvuIn-6AlV4cQe4BTI8OPtVDQVYJFE4iPf-oJBeWFqrU2SEksLyHwWurWWGyBfgDc8UWpMqinP1Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 23ms
23ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXFAi07YpI5HfWOG9v661ZvHf-_6WvAFf6fl56IkR_tZI6Bc1e0tI7jO-iyZQTvuIn-6AlV4cQe4BTI8OPtVDQVYJFE4iPf-oJBeWFqrU2SEksLyHwWurWWGyBfgDc8UWpMqinP1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XGD0fKNjEyiYEohw2SNDVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-XGD0fKNjEyiYEohw2SNDVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYHEVn8HqC8RTAmewzgFip_QZrAFALMTD0fRzy1o2gRtbvh1lBACw3R6V"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://drd.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FF50 1 KB
649 B 16ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sun, 21 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
289 B 134ms
110ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-11382-4&tE=0&tF=&tI=___de_1705852034160_624573176&tJ=&tU=0100007F813CAD65820621B50206064C&tX=b.52&tY=1&tZ=272789724
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 container.html Show response
d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A5AA 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:13 GMT
expires: Mon, 20 Jan 2025 15:47:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 451 466606.gif
id.rlcdn.com/ Frame FF50 0
98 B 86ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQ1BDZen8t8w2TvOnxKDEHYjgWmcQwAmIk6759LYsKiz2QNDdK95NgZJl07UK1dLrStaaDSl1tWpL-2XXfeYm7M5wdcn2oacff6&google_gid=CAESEM8V1uoS1atLqowyL-KMVc0&google_cver=1
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF50
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRjPuP1...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRjPuP1...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMjExNTQ3MTQwMDAxMzAxMzA0MzI0Ng%3D%3D&google_push=AXcoOmRjPuP19qv3BPWOggtZPXpIk5cW9o3V2jfpWxOcG-A2bH1PgF10CyIWZWJWj1YWPC...

170 B
188 B

25ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMjExNTQ3MTQwMDAxMzAxMzA0MzI0Ng%3D%3D&google_push=AXcoOmRjPuP19qv3BPWOggtZPXpIk5cW9o3V2jfpWxOcG-A2bH1PgF10CyIWZWJWj1YWPCfWkRBZOXzmxV3rleQJm1gwnSEddst5VVnm

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMjExNTQ3MTQwMDAxMzAxMzA0MzI0Ng%3D%3D&google_push=AXcoOmRjPuP19qv3BPWOggtZPXpIk5cW9o3V2jfpWxOcG-A2bH1PgF10CyIWZWJWj1YWPCfWkRBZOXzmxV3rleQJm1gwnSEddst5VVnm
pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 21 Jan 2024 15:47:14 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FF50
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIr5uiASBRXEuTQF5-7zDUg&google_cver=1&google_push=AXcoOmSTpxlP5tU74A6woZGoZjenK_Ham8PvMU1XPUbjNLNZZ_PkhlNnhumKmMqIhmPMkzfvAcssLh-1-FH6yd9xzkiR8Dq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSTpxlP5tU74A6woZGoZjenK_Ham8PvMU1XPUbjNLNZZ_PkhlNnhumKmMqIhmPMkzfvAcssLh-1-FH6yd9xzkiR8DqZis0ugSmu&google_hm=eS1JWjlmbU1sRTJwSD...

170 B
232 B

28ms
27ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSTpxlP5tU74A6woZGoZjenK_Ham8PvMU1XPUbjNLNZZ_PkhlNnhumKmMqIhmPMkzfvAcssLh-1-FH6yd9xzkiR8DqZis0ugSmu&google_hm=eS1JWjlmbU1sRTJwSDN2TGRFNnBncDVsXy5OSE1CX2Nmbn5B

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 15:47:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSTpxlP5tU74A6woZGoZjenK_Ham8PvMU1XPUbjNLNZZ_PkhlNnhumKmMqIhmPMkzfvAcssLh-1-FH6yd9xzkiR8DqZis0ugSmu&google_hm=eS1JWjlmbU1sRTJwSDN2TGRFNnBncDVsXy5OSE1CX2Nmbn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF50
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDj9W_0Lc2E--YmsClTGjF4&google_cver=1&google_push=AXcoOmQosjTrcAF8k6Cv8tz910u05YOqBmJYDLrHVT1aVrqggb5kadi-ceDcW8Nst-nbhfjAVQALkjeu...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDj9W_0Lc2E--YmsClTGjF4&google_cver=1&google_push=AXcoOmQosjTrcAF8k6Cv8tz910u05YOqBmJYDLrHVT1aVrqggb5kadi-ceDcW8Nst-nbhfjAVQA...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM1MDQ3MjAxMDkxOTMwOTIz&google_push=AXcoOmQosjTrcAF8k6Cv8tz910u05YOqBmJYDLrHVT1aVrqggb5kadi-ceDcW8Nst-nbhfjAVQALkjeu...

170 B
188 B

27ms
26ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM1MDQ3MjAxMDkxOTMwOTIz&google_push=AXcoOmQosjTrcAF8k6Cv8tz910u05YOqBmJYDLrHVT1aVrqggb5kadi-ceDcW8Nst-nbhfjAVQALkjeuguQtUIEtTQwNpyU5KROxr6A

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM1MDQ3MjAxMDkxOTMwOTIz&google_push=AXcoOmQosjTrcAF8k6Cv8tz910u05YOqBmJYDLrHVT1aVrqggb5kadi-ceDcW8Nst-nbhfjAVQALkjeuguQtUIEtTQwNpyU5KROxr6A
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame FF50 43 B
363 B 57ms
16ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRQrl4E0KtJ0aMpcTlw4lzeMg0qntgEjhqHKXAryOzTjW6lRKdCO45l5fCx1gQtYFoyxvijDA-EhvU5waIf6JcG7o5l6Wcq00ib&google_gid=CAESEP7oJ4s8ijNlAWOSv8TesGg&google_cver=1

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 302207
expires: Sun, 21 Jan 2024 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FF50
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGkW6T9qxlmBHROW7JeTWzE&google_cver=1&google_push=AXcoOmQNp9OBOQPfbCzbYIFUlM9t-j6Hn3bGpMWkW8zBIhV5cbgv7MaSPbB55SPL5nNHy1N3RbHDmZkZpKvv...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNp9OBOQPfbCzbYIFUlM9t-j6Hn3bGpMWkW8zBIhV5cbgv7MaSPbB55SPL5nNHy1N3RbHDmZkZpKvv0FQ-BHoAmVl5xO0iKHAJ

170 B
329 B

25ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNp9OBOQPfbCzbYIFUlM9t-j6Hn3bGpMWkW8zBIhV5cbgv7MaSPbB55SPL5nNHy1N3RbHDmZkZpKvv0FQ-BHoAmVl5xO0iKHAJ

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNp9OBOQPfbCzbYIFUlM9t-j6Hn3bGpMWkW8zBIhV5cbgv7MaSPbB55SPL5nNHy1N3RbHDmZkZpKvv0FQ-BHoAmVl5xO0iKHAJ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame FF50
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBRnz3WlwlqN...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRl_5CqP90AlCmqcILlMSO9SODLz09DbwPymEZdP8lm0THIzbl-UkTFuV9KNAJQ1sVZVIH5PQjrVD9avnf0HL1NAKtrdpGfW13WdA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

31ms
31ms

Image
image/gif

2.19.85.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.19.85.30 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-30.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 21 Jan 2024 15:47:14 GMT
pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FF50 0
139 B 91ms
22ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LATglizfO_D1FHbZl_fbkTPSPJTZZdpU5Rin1TqxBRnFaO12X8KqdK-BvCivHCNbi8rALQ4w

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 308A 0
26 B 166ms
165ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoNCAEqCWxhbmRzY2FwZQoKCAIqBnNlcnZlcgouGiFkaXNwbGF5X2xlYWRfZm9ybV9xdWVzdGlvbl9udW1iZXIhAAAAAAAAFEAwAQoNECshAAAAAAAAP0AwARIaQ05pUGlvVHE3b01ERmZXb19RY2R3Vk1Hb2ciFmxlYWRnZW4vZnJvc21vdGhfaW1hZ2UoLA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame D08B 50 KB
19 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 02:23:58 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AA1B 624 B
248 B 55ms
52ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUCJywOBVck4Nq2n2jt_Ea0hRcctao-ppl1iizdLhI3ISnreFNWHrPzc58S5dH5uvHHH6IHOcLQv3NjPr28nnywqXBFZWDpYyt6dCDiBS79d5iHKFS_ci2OvtvjhEqK7VYyMX_N_gCG_5RKXFuKE4QCvyX_sUVReh7iHlBx0H5CzbtDd38

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A5AA 89 KB
31 KB 100ms
98ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:47:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5AA 42 B
69 B 161ms
160ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D60UOOjr1sczgkSmxYzcfzKDQ6uptyMuUVJzEpKOkYhNZaI4ioCKb0hMcorASPV3XCjtSYDUfsa-TmBCEDrV8AdWBraWxa1Pgd5vogeXBnwLXqFek

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A5AA 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 10:38:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A5AA 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A5AA 0
0 24ms
23ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5rGwg9l141ERpp4Rnfql6OP787HB0JuofXeI5j68FzM5qLEwHZPIEnuyM4L1tNjhyeZn7McYKssQeJ20nB7x2zWFiig
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5AA 206 KB
65 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:47:14 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame AA1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjofm3ogp7VDsQwJAJxX8s&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjofm3ogp7VDsQwJAJxX8s&google_cver=1&C=1

43 B
340 B

26ms
26ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjofm3ogp7VDsQwJAJxX8s&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUCJywOBVck4Nq2n2jt_Ea0hRcctao-ppl1iizdLhI3ISnreFNWHrPzc58S5dH5uvHHH6IHOcLQv3NjPr28nnywqXBFZWDpYyt6dCDiBS79d5iHKFS_ci2OvtvjhEqK7VYyMX_N_gCG_5RKXFuKE4QCvyX_sUVReh7iHlBx0H5CzbtDd38
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kBCnUyJ0PQSU5xqjwSYWtDS2ID%2Fm7oh%2Bie%2BWyHQAVhu61kvFDUxRrqJHsFSYLElFzzqapOliugzvCONtPjUCRavsBWQU5fSEEe1%2B3S4vw%2BAQ37hal9TAsKeuFeuOYNEVMAkSn9nimASHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8490b1d13a5d1a47-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWvlryJ%2BIexu0aAqVK0ZhGHcFi%2BtAVULdQfkq7HqGPyoj3By9AREzY748BTC64v0t6SR9omK9zIMX33qwh0P5Qzbv30x3VjURf7iIK2j50lbLs88LCdXOMLtgcGm6TDX7%2BMuzmryGwznuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEPjofm3ogp7VDsQwJAJxX8s&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8490b1d10a271a47-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AA1B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za08ggqMs65YwVkv8aYhPwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjofm3ogp7VDsQwJAJxX8s&google_cver=1

43 B
769 B

27ms
27ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjofm3ogp7VDsQwJAJxX8s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUCJywOBVck4Nq2n2jt_Ea0hRcctao-ppl1iizdLhI3ISnreFNWHrPzc58S5dH5uvHHH6IHOcLQv3NjPr28nnywqXBFZWDpYyt6dCDiBS79d5iHKFS_ci2OvtvjhEqK7VYyMX_N_gCG_5RKXFuKE4QCvyX_sUVReh7iHlBx0H5CzbtDd38
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1XgjWhN0NsKSoL9S7fbYKfgHzYvPCTW97DMZSYRxnVs79527se4IqGlJayz15YdfBE7ojB9VE6OuCUNq5Q8v%2FMDvmu8zgFZl4%2B%2Bn%2BmJdSY2I0dXMlGje2glOAjiyiU6af6esLq01JX4DA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8490b1d1986f9231-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjofm3ogp7VDsQwJAJxX8s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame AA1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDbwkcgKdm_sZmjudz8lCNA&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDbwkcgKdm_sZmjudz8lCNA%26google_cver%3D1

43 B
1 KB

18ms
18ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDbwkcgKdm_sZmjudz8lCNA%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUCJywOBVck4Nq2n2jt_Ea0hRcctao-ppl1iizdLhI3ISnreFNWHrPzc58S5dH5uvHHH6IHOcLQv3NjPr28nnywqXBFZWDpYyt6dCDiBS79d5iHKFS_ci2OvtvjhEqK7VYyMX_N_gCG_5RKXFuKE4QCvyX_sUVReh7iHlBx0H5CzbtDd38

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
an-x-request-uuid: 51c2e17a-9ecd-49ed-9e60-62f7952c6403
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
an-x-request-uuid: 95091405-6617-4122-a99d-eeadc8e786fd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDbwkcgKdm_sZmjudz8lCNA%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA1B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
an-x-request-uuid: 90f1ab91-2c06-4bdf-b5fb-27d820891835
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D
x-proxy-origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 168ms
166ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=809282911772198&bg=!dXaldjnNAAa8BdJLnAU7ADQBe5WfOJHmjv97_cmtk9qNciAM-u2fDA-HBwtcq9NVpXLnTQQ2HKVHFtIu7fdKr32KRLxxAgAAAF1SAAAAA2gBBwoAP4X7lXTWyWfSBDbIAM-cuCOtYbS_kyx4dH1cnlIjB1sK8QcbT3hvkSxAP3UwUzTb96zBL0VIYWDSvdem-OgtCZkCtF40BjIbqEUFqedj67fdgzLzIn6lqp0qoR7Gf0gfFcgsZLK0qavtB_RSMQWwBSyP0VI7gXyHyxR1rHR85Ny4J1R9ZhUDzQl-zK0QaB8S_bLYVxCc-WL3HzDgaR_pPtdgt6se7PxVdjMWnAvtSxw6kbw4Dbi8iG5gOUjwOhUvvjUUiJhdfKcOZT6OpYtyU6J20tCFCFb7E3xd7tOeinmt_mm-ay82jzk1R1GRUjFNSOtMnh3Oxo_L-gT7egDWulP7RVxIMNhLXShGE4HBlLR5mTPohSsy84I38fYjY4enFGy8fguBL1Ey443G9eL4WJegbHaY3Rg1vCoZp3DZfaqHmum_HMNxwjs9sOCtwr--TRCqde2EI506lCIr0pMqydMl0r49Z2so0kDfHHR90YT24windrovQaSuYROqDw1UjYJFIdiJda0PdPFvme7RTSirAy0u7mUs2P482gju2Qq9ROQPlEHL5r4ehO2wbP1jFCcyW9TwwUQQa-xqgZXnVD9Lx0M8XA0RQfYICNfQlyYW3gPWk4P6JE83QYLWEslm4-BbJ4cTNFYYgU-UvRNCe_JXrEqW33Sq1Mo8ArHnL4JGIIloq4Qt6oE_IWgS4zirwilUbSATrTgnDfQqKZDDgCHNnKT9IlhjqLKElGz83cxOIZn7j2ARjP-n4OZkjv0Fessreh_vr0yMCjG44-Yj-ETWGjq-yqYRo4YS7N8BxRq8gBmOwm4F0ftyu2RWsELuBibFHokyeT8naIXhB02qWseWOlMM1ZDDkVceO8d61ADygsmvCEnpspcOpF7JeFSfmMRlfvaqXkrtze1DBQgus5JY_ugpj5jNgenxx_HWM1p65-lM-S8r9LycXnmgaRnw9pFQXaUQkiJh-eo2a2w979oCSJNyPdXyBfFslbU2q_71dDwqjWwl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5AA 0
26 B 161ms
160ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=596362938382&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5AA 0
26 B 161ms
161ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=596362938382&version=m202309260101&ct=77&x=1&cor=11656722239500188000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A5AA 20 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADn7Y1_c0WietXDfj_iQBxkCr-a40noM5w-ZyHhEgRbTCAFxJSFv3HmU3BCAe6nIPEN3m1dSC0RFIJKifeL1NjNPooezQZ7YbeObLS55_2_JwBoFg20I9YGAQ9eVU4G1eOU1K9tidQgZVdwrLIp4QaJTOeNVSFGepeI4Bz-za5XsARuwI&cry=1&dbm_d=AKAmf-CxMi5N5-mhvF2VNc1gUtw9peZiVCNtwzYEzS_6Ua6NCe9a28JG9OMdScbC-bJqsiI9_QkaaExwFe9TGfzQDqX9SoSaJEia1gD0CNvrMA7M-Z_6bTjd0Jici8GqfEs2yCalFeQjImlkMXFySDTquNuFd1Z2a3tPJQVPrYGF2CsiOOldniUSV17U_upkYXOKJIEpUh33EbSVoYzl_vE1QbyrgiawTbZFU6aIBUnY5SX8LsJchZ05fJ_P1f7nsZAjAjrA7yt3mK65npceKFr43OMpEFeGQEiQquFMNMmCRGKT8-QRphDaCfi_m69YOTDlE5hr56gJDxMKkLYNoZC5NSIyX_FU5yOeFUXZF2BUvHe9nLXkO4ANOFvTF1z04Vky9K_hIG5xQzAiIgE0VKyCtcSSvMeazFkhdFoe6m65IVf2sEt0AJhAa0Cb5VVkRhBuO6qyPyyLQZ7tRRmr808IF7XTCf_W495YG4rgrti4IiczMfVLJO_O2DBgZh3wBcSuYP4w_9mFUXKIIhgHTwg3-5aqlBOWJreDurta4xTTIh8qq9Dwfh6g9cWxrUyUdY4dHdM_78Dne3TcmHRNfiqrJ51ZB93AymbLfmmyu8m38ez0X3F3Np_HDcW7Xd2ff1K8CxYxTwi_qF3ppI8s5cgCyLj3A11hFVa3KdFe_g-DkSFb-izNOedsIgUAMlVfiWt_dRSeQ9oRqOfCZEjhDmH6lQ7eGey4rLpKLyz9Bs-fGSdokMgqMBQCBbzPuqzKfQZApZLj62JMFuHxvgb1is9HsRkOrd7C4n_vvBskr_MYo9CKNS4KANNxCeXo1gj_I1fCW5y8bpWOxEQBOxdPLYzb-5LXbgaA6HlaOWAON5Qi5AimXgeHJbPXQaimicfgSaYyv9mM5zJPZBSsYDhqq2qAX1llccCODM5lc2JnFToVbV5ZrrEBP0rYvIyKwpI543FdEl8wEwFuQkCeiI9DJZsN0nc4qEPRzlmZr16JsiKEp79HOXHDg4CpuhWuJIoYXRD9sfoUs9gLYF0lgTSK3jrYfURYqJeOrIFA8IRejPYRqzAKSnhsgNkxCHSKCdJyimv-bHYECUGfKnIuRFyzG3HslhLU6RqvNpmNXqZnXS3aZoPm21H7MqcYZx7UhIuwDTtARlP3kB1EimmoqkD0DwvhsYWPUsbJK68v_GXUf93TjU8GRXr8eTLTXXwVdyobXNrj4pO_5OeUtoE0IH53t2YHbehPuxvxiLl8F_K3Gp8agmcAI0A4xxw5nN-tKXUoPXcr0QXsCf5CvLm2lgJJ_dZFtHVTxlZs4AwgawpTC0Z2RvwPPfAAl7g5J4yMeLsCDfwjMODpAdHu23lw6GYErBY4YmSasZfzvBiQZJyJVRrhOq7Ii1jfvxzSCoe04z1FG-DNxDABFjbpOXgHceWcL3Qt4nfoARFGHijpKc7A3NBeV9UJtuFAct6cjAgWiDuMG2IZV5ID0w9k0ZUbEwI3wt-miSCHsNMVlqgikpTzW36lgx2AvSHrUxCZtqxBmhWzKDrQyNa0qzsoko7aYT_q1N9sv4-2CxOT7MTRAmziSlEUFuntqCWZ5kPqfnQZ9LC1i3sqmfhWIQpNfix2hviNthOiWkeyX5vFBUGLx3q9QKacJ-M-HnVwLw-xgVtdGNHNExdny_mX2Bk57o15tTYF9LaFHCY-HkSkKE5YC3m5XZRZiUJYnj6c7xjl2DAe7FFkjjGARb73gFQUEQmBVueJ8HVr88bqL2B6pB3l7VqD97XzQSg_vF9_EO91nu06Kn2Cf0zcp1gdB8frAAl-_fHGsdo1MInngXKWIRkC-M5j8i0EF4zpCjZaw4O1LQBrqXJdacl7r-p_JOGYyIy0eH5Mak84pwWphhUo1Hl0A2599unjkVV5zo0RLs6TE6UMx4093SNAhnFxGRiS8vvabcdsyOGuKUoe7fQgQc4LdNRHNGlCajNRrZSkUZw7cFbADG29tAyQzbkm1l2UO-yMAsi948Iw1muj0wHAmPNjG4CTP5lkiWHyPLy_SzIsr33CNILh_o95R1gTCiwNrVkD-Vm1E4nVJwytKuigxd_WmJyqPF6JmL_Hfq0ITOCSlgK76d3xajIr907-o2KgEHA2MtAlHaNa5RhotVXIiCZ7Iv4T2gVqQfL9klIf8EKFCMGNLioCqQDlKKN4k7Prr770s_mHGOTg-NgXVwT7O4ZmVmtpidbesNh7p1VNpEckIPKUwjcrlDM96a3uAJBt2sJgjKp0yt7rej8RshlZaki-ODnZnkakOvB1r7x9jvIDF0BOEA6Y9Gqhw8K0swAZWiSVQZbpxszhFmX_J52rCavTB3yU2qt3qFhpyut9vDk2gKvw761SR0pTZkqdMbvn_ndAJ2UErejh1TavIO2-Y8FsLS-UrXG0yzXydHcH0cS21mxprWKuo5dkh8mdbCC8a5foVxB-mNtb4pqGvA7CmeoSewfsSMUCmV9R0EzRdHMij0BOkm1ggOpfSErIDmgD1eXZfFmINwtzMGe_3lbod1obHXGW5mBeIguZb6CrZyvdWivg8RenO1BrzpsI3NcO0TLIKLxi67bT50WUrwDsLmnj2sXsJayp72iqmEiskCsdnN3_JcaJVcMVrDK1H23pPz6fytj_nOsV-DOcZ3o1lxeYPDWrrXU6GFRHx6sjBW1kUuC_bYObitqUSEeEM2xsDtl5GF1vmVLh7Nr54t9-k-zqCvcDL-H57MxXYkn55SsU4jyind184_0hvUeVw82Pq-VZVwC8LXU77BHXEtJIrP1ri1Pi9ubS9NQ07G-q-MqHuJo4CBRglnsGKKpJnW2cYKcAbBllK7eIScyb04BsCjbz7l_rj7gxs6zj5jktsHMdA4PIT4Rc0FjgQd_c1DermccYllrnhiUXFWuhNO7RDhOp608mSHWorrh-De6bKTpvnofL9eShcUsqh_7NnMr3mPlCKCQajUV3wkKUIdwcOcDUpGiFf4BG4GcJm3ciIjHapoN1cyLtG-g3cj6hV-w730sJGaKaRpLR8ANycatvvagpO70zDMT_6av-GGanaXU8sr4kg8c_JpYqZ0TOh4IJuV8BWHNwZVRbox3nPlxbyEXk8MpF5cXuB7BEI1alkHFzpztnRBKEObtmBsencSqCQylVtsHbTXpg-U2A2BITyNdeA0TT8PxWCMZ7lLAfL69rUNEdviYRsdA_sKZoIqsdHzwI_VQVl8Ixba7P8v6ictqUAeiwDb0JH108snhGDPIp14-8KwwJ4ERFe8rp_foITKS0pGFKHHVSIa8HBWkypmgq4fygs7Cb15KeKkpYU1dqw-OHa3y-WlEe3qUrrQUj_xwdLCrn5CCC4LWd7_1sG_Fwm-XP95tMCx1aM1KopkjeHAqAHGrr3YZiZO4JRP3bX64WOxxRzfNTDRd54ODj7SreoEaZL7sXCxJDShq9Y1Sz61y3dWdqAQybKqeuPH5FlHFCgh77NOQLBVQWfquFW8CnIl5maRP4eOOEh6HJEHzoUfMFjfNB2H-DwMNfwm8frxCgl0iUgCZ2Xx_E_WnlCCV-gAZaevI-aM3Wb9ysRWDJEQVEw0mPedNS8-L3N9qAO_KchEQ1P1FPsvtfK1C17tVJwOB4UClc5PKQs-WWD-kzbEzWEA2NTodBbD8TxsnxWVSb-RaDnrluoHz-Q3LpOHq6ysj0z6vehjxmahKN5qjCxj9_1z7gccmqmuWY4XQ1T8clQkbdsggLgjiTOgCiUppcfhTinoAX5Dle5DclGq35tmjczOoBVF6751nukDrG3-ROGVLrG9Rj89cD3g2-314IEI3ZlfrLO6-cDbCF_2O7WSEIyAUpzlIWJMEzqWFvhJpldIxlzP-YTjTwuTosDqkPv-yRFf6PYIcxH5AwpP89x1j10XmAbrYoc982HlTOm2MN1SV6yKwvAlqYsNAI2tlkK6MQ1XYkglT2SuKH2YVks7VkBHM-22fsVH0fYtCP&cid=CAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdrd.com.br%2F&ds=l&xdt=1&iif=1&cor=11656722239500188000&adk=1033480540&idt=106&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93b90f4f183719d7249ae84874e32c857152c4c96adc1f0c10077b477119facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13894
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A5AA 41 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADn7Y1_c0WietXDfj_iQBxkCr-a40noM5w-ZyHhEgRbTCAFxJSFv3HmU3BCAe6nIPEN3m1dSC0RFIJKifeL1NjNPooezQZ7YbeObLS55_2_JwBoFg20I9YGAQ9eVU4G1eOU1K9tidQgZVdwrLIp4QaJTOeNVSFGepeI4Bz-za5XsARuwI&cry=1&dbm_d=AKAmf-CxMi5N5-mhvF2VNc1gUtw9peZiVCNtwzYEzS_6Ua6NCe9a28JG9OMdScbC-bJqsiI9_QkaaExwFe9TGfzQDqX9SoSaJEia1gD0CNvrMA7M-Z_6bTjd0Jici8GqfEs2yCalFeQjImlkMXFySDTquNuFd1Z2a3tPJQVPrYGF2CsiOOldniUSV17U_upkYXOKJIEpUh33EbSVoYzl_vE1QbyrgiawTbZFU6aIBUnY5SX8LsJchZ05fJ_P1f7nsZAjAjrA7yt3mK65npceKFr43OMpEFeGQEiQquFMNMmCRGKT8-QRphDaCfi_m69YOTDlE5hr56gJDxMKkLYNoZC5NSIyX_FU5yOeFUXZF2BUvHe9nLXkO4ANOFvTF1z04Vky9K_hIG5xQzAiIgE0VKyCtcSSvMeazFkhdFoe6m65IVf2sEt0AJhAa0Cb5VVkRhBuO6qyPyyLQZ7tRRmr808IF7XTCf_W495YG4rgrti4IiczMfVLJO_O2DBgZh3wBcSuYP4w_9mFUXKIIhgHTwg3-5aqlBOWJreDurta4xTTIh8qq9Dwfh6g9cWxrUyUdY4dHdM_78Dne3TcmHRNfiqrJ51ZB93AymbLfmmyu8m38ez0X3F3Np_HDcW7Xd2ff1K8CxYxTwi_qF3ppI8s5cgCyLj3A11hFVa3KdFe_g-DkSFb-izNOedsIgUAMlVfiWt_dRSeQ9oRqOfCZEjhDmH6lQ7eGey4rLpKLyz9Bs-fGSdokMgqMBQCBbzPuqzKfQZApZLj62JMFuHxvgb1is9HsRkOrd7C4n_vvBskr_MYo9CKNS4KANNxCeXo1gj_I1fCW5y8bpWOxEQBOxdPLYzb-5LXbgaA6HlaOWAON5Qi5AimXgeHJbPXQaimicfgSaYyv9mM5zJPZBSsYDhqq2qAX1llccCODM5lc2JnFToVbV5ZrrEBP0rYvIyKwpI543FdEl8wEwFuQkCeiI9DJZsN0nc4qEPRzlmZr16JsiKEp79HOXHDg4CpuhWuJIoYXRD9sfoUs9gLYF0lgTSK3jrYfURYqJeOrIFA8IRejPYRqzAKSnhsgNkxCHSKCdJyimv-bHYECUGfKnIuRFyzG3HslhLU6RqvNpmNXqZnXS3aZoPm21H7MqcYZx7UhIuwDTtARlP3kB1EimmoqkD0DwvhsYWPUsbJK68v_GXUf93TjU8GRXr8eTLTXXwVdyobXNrj4pO_5OeUtoE0IH53t2YHbehPuxvxiLl8F_K3Gp8agmcAI0A4xxw5nN-tKXUoPXcr0QXsCf5CvLm2lgJJ_dZFtHVTxlZs4AwgawpTC0Z2RvwPPfAAl7g5J4yMeLsCDfwjMODpAdHu23lw6GYErBY4YmSasZfzvBiQZJyJVRrhOq7Ii1jfvxzSCoe04z1FG-DNxDABFjbpOXgHceWcL3Qt4nfoARFGHijpKc7A3NBeV9UJtuFAct6cjAgWiDuMG2IZV5ID0w9k0ZUbEwI3wt-miSCHsNMVlqgikpTzW36lgx2AvSHrUxCZtqxBmhWzKDrQyNa0qzsoko7aYT_q1N9sv4-2CxOT7MTRAmziSlEUFuntqCWZ5kPqfnQZ9LC1i3sqmfhWIQpNfix2hviNthOiWkeyX5vFBUGLx3q9QKacJ-M-HnVwLw-xgVtdGNHNExdny_mX2Bk57o15tTYF9LaFHCY-HkSkKE5YC3m5XZRZiUJYnj6c7xjl2DAe7FFkjjGARb73gFQUEQmBVueJ8HVr88bqL2B6pB3l7VqD97XzQSg_vF9_EO91nu06Kn2Cf0zcp1gdB8frAAl-_fHGsdo1MInngXKWIRkC-M5j8i0EF4zpCjZaw4O1LQBrqXJdacl7r-p_JOGYyIy0eH5Mak84pwWphhUo1Hl0A2599unjkVV5zo0RLs6TE6UMx4093SNAhnFxGRiS8vvabcdsyOGuKUoe7fQgQc4LdNRHNGlCajNRrZSkUZw7cFbADG29tAyQzbkm1l2UO-yMAsi948Iw1muj0wHAmPNjG4CTP5lkiWHyPLy_SzIsr33CNILh_o95R1gTCiwNrVkD-Vm1E4nVJwytKuigxd_WmJyqPF6JmL_Hfq0ITOCSlgK76d3xajIr907-o2KgEHA2MtAlHaNa5RhotVXIiCZ7Iv4T2gVqQfL9klIf8EKFCMGNLioCqQDlKKN4k7Prr770s_mHGOTg-NgXVwT7O4ZmVmtpidbesNh7p1VNpEckIPKUwjcrlDM96a3uAJBt2sJgjKp0yt7rej8RshlZaki-ODnZnkakOvB1r7x9jvIDF0BOEA6Y9Gqhw8K0swAZWiSVQZbpxszhFmX_J52rCavTB3yU2qt3qFhpyut9vDk2gKvw761SR0pTZkqdMbvn_ndAJ2UErejh1TavIO2-Y8FsLS-UrXG0yzXydHcH0cS21mxprWKuo5dkh8mdbCC8a5foVxB-mNtb4pqGvA7CmeoSewfsSMUCmV9R0EzRdHMij0BOkm1ggOpfSErIDmgD1eXZfFmINwtzMGe_3lbod1obHXGW5mBeIguZb6CrZyvdWivg8RenO1BrzpsI3NcO0TLIKLxi67bT50WUrwDsLmnj2sXsJayp72iqmEiskCsdnN3_JcaJVcMVrDK1H23pPz6fytj_nOsV-DOcZ3o1lxeYPDWrrXU6GFRHx6sjBW1kUuC_bYObitqUSEeEM2xsDtl5GF1vmVLh7Nr54t9-k-zqCvcDL-H57MxXYkn55SsU4jyind184_0hvUeVw82Pq-VZVwC8LXU77BHXEtJIrP1ri1Pi9ubS9NQ07G-q-MqHuJo4CBRglnsGKKpJnW2cYKcAbBllK7eIScyb04BsCjbz7l_rj7gxs6zj5jktsHMdA4PIT4Rc0FjgQd_c1DermccYllrnhiUXFWuhNO7RDhOp608mSHWorrh-De6bKTpvnofL9eShcUsqh_7NnMr3mPlCKCQajUV3wkKUIdwcOcDUpGiFf4BG4GcJm3ciIjHapoN1cyLtG-g3cj6hV-w730sJGaKaRpLR8ANycatvvagpO70zDMT_6av-GGanaXU8sr4kg8c_JpYqZ0TOh4IJuV8BWHNwZVRbox3nPlxbyEXk8MpF5cXuB7BEI1alkHFzpztnRBKEObtmBsencSqCQylVtsHbTXpg-U2A2BITyNdeA0TT8PxWCMZ7lLAfL69rUNEdviYRsdA_sKZoIqsdHzwI_VQVl8Ixba7P8v6ictqUAeiwDb0JH108snhGDPIp14-8KwwJ4ERFe8rp_foITKS0pGFKHHVSIa8HBWkypmgq4fygs7Cb15KeKkpYU1dqw-OHa3y-WlEe3qUrrQUj_xwdLCrn5CCC4LWd7_1sG_Fwm-XP95tMCx1aM1KopkjeHAqAHGrr3YZiZO4JRP3bX64WOxxRzfNTDRd54ODj7SreoEaZL7sXCxJDShq9Y1Sz61y3dWdqAQybKqeuPH5FlHFCgh77NOQLBVQWfquFW8CnIl5maRP4eOOEh6HJEHzoUfMFjfNB2H-DwMNfwm8frxCgl0iUgCZ2Xx_E_WnlCCV-gAZaevI-aM3Wb9ysRWDJEQVEw0mPedNS8-L3N9qAO_KchEQ1P1FPsvtfK1C17tVJwOB4UClc5PKQs-WWD-kzbEzWEA2NTodBbD8TxsnxWVSb-RaDnrluoHz-Q3LpOHq6ysj0z6vehjxmahKN5qjCxj9_1z7gccmqmuWY4XQ1T8clQkbdsggLgjiTOgCiUppcfhTinoAX5Dle5DclGq35tmjczOoBVF6751nukDrG3-ROGVLrG9Rj89cD3g2-314IEI3ZlfrLO6-cDbCF_2O7WSEIyAUpzlIWJMEzqWFvhJpldIxlzP-YTjTwuTosDqkPv-yRFf6PYIcxH5AwpP89x1j10XmAbrYoc982HlTOm2MN1SV6yKwvAlqYsNAI2tlkK6MQ1XYkglT2SuKH2YVks7VkBHM-22fsVH0fYtCP&cid=CAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdrd.com.br%2F&ds=l&xdt=1&iif=1&cor=11656722239500188000&adk=1033480540&idt=106&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTg1MjAzNDc2MDk0OQogIHNlcnZlcl9pcDogMTQ2NTIyMzgxCiAgcHJvY2Vzc19pZDogMjc2OTAyMjM2Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame A5AA 0
866 B 247ms
176ms Image
image/png 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTg1MjAzNDc2MDk0OQogIHNlcnZlcl9pcDogMTQ2NTIyMzgxCiAgcHJvY2Vzc19pZDogMjc2OTAyMjM2Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMzMwMDc5ODE0NTI5MDc3MDUyMQpkZWJ1Z19rZXk6IDU5NzcwMDcxOTg5MTk0MzI0MQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMjEiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NDg0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA4NjM4CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xff11a8a4e2b353870000000000000000","13":"0x996c69c6999339a00000000000000000","14":"0x7b2baae6ac589f5a0000000000000000","15":"0x3400d7c247bf6af0000000000000000"},"debug_key":"597700719891943241","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"13300798145290770521"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame A5AA 11 KB
4 KB 44ms
13ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1705852034162721&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCTfLgjytZaH3CfSi7_UPhuOKmA2m5b2gaYWVnKfJD_AuEAEg1s63TmCVgoCAoAfIAQmpAp2Ka-hlSLI-qAMByAObBKoElAJP0HjTBxFwxQj8TaFisDC1HJXRzCj55YSdbemOE13fvrLqBCME6_nFFEG4Qn6d5L0Q0SchY9dyJSs_ynhw08pdgmfJ4dtew_XGLCvYbcz7xchI1TqVHY5d4MjtETabdc6t-Q5mXrot6A28YN2lnM4JwcUu4IaL2cg-dW8RBYHgdeYiFfbEuZoQQbEVAfOuirPXzL7PUGy8-nqBny2PsjfEKTPfZ3xpv4ApySGYDnhXCtBEvnfUG0wlAQCMLuZXi1DXe5A0GgA6SfDrHlSRQN-m3pW876pFxGqHWfFkbCcnjV37Yz78sHU7cm9ja4Y0Q3eraz7NUQv_FNYmO5E1Y-E5Q9HaHnViGW1ODSZh3sAIKORwpGnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtbr4g-rugwOACgOYCwHICwGADAGqDQJEReINEwiP6_iD6u6DAxV00bsIHYaxAtOwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE%26sig%3DAOD64_0yAXl-Ur5BTqbqrhYyIp-p0LyMUA%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-Bh5Uxki37hsPIV4FArsozG8OzY_Yg5KrPSe6GFl75b8H2V37wD0SCmmhCxV8QgxtE8UQPXNViP1CiryFwc1THK1Ps_d-yNfxiYMWmWDs6BPB2iJq5prGySDahG9uFT5sr7afvt0KQf8IWFT5wN-Bip3qlKn-7AsX5OBchYD4S8MjpqcH4%26cry%3D1%26dbm_d%3DAKAmf-CIEWyqD1pydJU2andmLe3Do7oyP1PMFtvcxCnjxf5JxG_m8mqTp6-dVDrAtubKvSv5eQy6W0jQ7AAFjQS2XywrlCdakezSk7RGbh37nQxubifTELxKHuPlwnL4S5UDxqVO6X7wmUD5MYnW6WVXE7qX-zM235d8Gh3hQ31lrRvmubluqRf3WA1tycKKMbii02OmyoxFP03cbWuCUmNz2KUg7-_tPVtkOGvc6df5nOpA2ioJi_L06Q2yj9Ft07SLRn0Nqc7v6Gbuaa0FrtAXuaSug3j0eWOjAIHncfd55If1zCWdmUlO_pwSM2kJhCwTT-vJYhM86Ect0dWCPw5swNs_ZWpsI3XS6ZQr6GTc4btdzW43BUQHbtJd3u8OrqX5g3F6Y1QDTNcnbEjC06Lk05JhEi4b-jCNDirOsX2w44NIXZeptqKfPi5fAhd-ugFmiGA6pL1BVLWD2t4JEuOXrSU_IK6Zt9EDpWwwK1JOKLUO18JDlHce7Juj7tXgvuBpjhi3n9y3vlnn_FQXJYIGrh0wDWwzQWlqZ81yGFaesRJYB_65LO4%26adurl%3D
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: f9e1439102603f478bf5a92a4180950c923d8529fe280f1ffcbfad842431e327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4196
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 container.html Show response
d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B2C1 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:13 GMT
expires: Mon, 20 Jan 2025 15:47:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 00CD 38 KB
13 KB 16ms
15ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 413586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9E7B 624 B
248 B 53ms
52ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKS61YACMAE&v=APEucNXiAWnQtZBl8kiVXZ2rm-ck-_ynWp5LA66zhnKhTFaY1LY-XYoiXlB0E2trKkjearVD8gdxdTBuRVGyxsI85v9SbO19owZobsR4EUlvhc0ZljptYbRlP2N92rJPT86UONKGhUyJ-gPlszJFcBJEXa7nqS2d7s84WeEsgH0mODpw0sTAS9k

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B2C1 89 KB
31 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:47:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2C1 42 B
69 B 162ms
160ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AI5cNRWD89NPH1I2Kan60VsR0bj1hpJOXL6ExPPshYMb71xH25jHbzRBOj7WUE1Unn1DoteNjmk6G-4-W0FvM6Fb-xkLnrowGc4m_Boep6lzNYiX8

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B2C1 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 10:38:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B2C1 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B2C1 0
0 24ms
23ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqjLKs0X4XZyDqHMt7QT8ggtJ9kXNb2puo8pNVdeFlQrr9vpPGgsnzusa1qJReTIBWrsVQd5yxswUTvoJXiylaPwt-_Q
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B2C1 206 KB
65 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:47:14 GMT

GET
H/1.1

200
OK

request.php Show response
hal900020.redintelligence.net/ Frame A5AA
Redirect Chain

https://hal900020.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900020.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

100ms
77ms

Script
application/x-javascript

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=720x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCTfLgjytZaH3CfSi7_UPhuOKmA2m5b2gaYWVnKfJD_AuEAEg1s63TmCVgoCAoAfIAQmpAp2Ka-hlSLI-qAMByAObBKoElAJP0HjTBxFwxQj8TaFisDC1HJXRzCj55YSdbemOE13fvrLqBCME6_nFFEG4Qn6d5L0Q0SchY9dyJSs_ynhw08pdgmfJ4dtew_XGLCvYbcz7xchI1TqVHY5d4MjtETabdc6t-Q5mXrot6A28YN2lnM4JwcUu4IaL2cg-dW8RBYHgdeYiFfbEuZoQQbEVAfOuirPXzL7PUGy8-nqBny2PsjfEKTPfZ3xpv4ApySGYDnhXCtBEvnfUG0wlAQCMLuZXi1DXe5A0GgA6SfDrHlSRQN-m3pW876pFxGqHWfFkbCcnjV37Yz78sHU7cm9ja4Y0Q3eraz7NUQv_FNYmO5E1Y-E5Q9HaHnViGW1ODSZh3sAIKORwpGnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtbr4g-rugwOACgOYCwHICwGADAGqDQJEReINEwiP6_iD6u6DAxV00bsIHYaxAtOwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE%26sig%3DAOD64_0yAXl-Ur5BTqbqrhYyIp-p0LyMUA%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-Bh5Uxki37hsPIV4FArsozG8OzY_Yg5KrPSe6GFl75b8H2V37wD0SCmmhCxV8QgxtE8UQPXNViP1CiryFwc1THK1Ps_d-yNfxiYMWmWDs6BPB2iJq5prGySDahG9uFT5sr7afvt0KQf8IWFT5wN-Bip3qlKn-7AsX5OBchYD4S8MjpqcH4%26cry%3D1%26dbm_d%3DAKAmf-CIEWyqD1pydJU2andmLe3Do7oyP1PMFtvcxCnjxf5JxG_m8mqTp6-dVDrAtubKvSv5eQy6W0jQ7AAFjQS2XywrlCdakezSk7RGbh37nQxubifTELxKHuPlwnL4S5UDxqVO6X7wmUD5MYnW6WVXE7qX-zM235d8Gh3hQ31lrRvmubluqRf3WA1tycKKMbii02OmyoxFP03cbWuCUmNz2KUg7-_tPVtkOGvc6df5nOpA2ioJi_L06Q2yj9Ft07SLRn0Nqc7v6Gbuaa0FrtAXuaSug3j0eWOjAIHncfd55If1zCWdmUlO_pwSM2kJhCwTT-vJYhM86Ect0dWCPw5swNs_ZWpsI3XS6ZQr6GTc4btdzW43BUQHbtJd3u8OrqX5g3F6Y1QDTNcnbEjC06Lk05JhEi4b-jCNDirOsX2w44NIXZeptqKfPi5fAhd-ugFmiGA6pL1BVLWD2t4JEuOXrSU_IK6Zt9EDpWwwK1JOKLUO18JDlHce7Juj7tXgvuBpjhi3n9y3vlnn_FQXJYIGrh0wDWwzQWlqZ81yGFaesRJYB_65LO4%26adurl%3D&documentReferer=https%3A%2F%2Fdrd.com.br%2F&ancestorOrigins=https%3A%2F%2Fdrd.com.br&random=6840927307984&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 0913c168062fea89c5bc175fb0ff2cb55a4d46edcb22f2e7e01e62e38c0639b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 15:47:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 12715100096253504444550012576020
Connection: close
Content-Length: 1363
Expires: Sun, 21 Jan 2024 15:47:14 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 15:47:14 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=720x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCTfLgjytZaH3CfSi7_UPhuOKmA2m5b2gaYWVnKfJD_AuEAEg1s63TmCVgoCAoAfIAQmpAp2Ka-hlSLI-qAMByAObBKoElAJP0HjTBxFwxQj8TaFisDC1HJXRzCj55YSdbemOE13fvrLqBCME6_nFFEG4Qn6d5L0Q0SchY9dyJSs_ynhw08pdgmfJ4dtew_XGLCvYbcz7xchI1TqVHY5d4MjtETabdc6t-Q5mXrot6A28YN2lnM4JwcUu4IaL2cg-dW8RBYHgdeYiFfbEuZoQQbEVAfOuirPXzL7PUGy8-nqBny2PsjfEKTPfZ3xpv4ApySGYDnhXCtBEvnfUG0wlAQCMLuZXi1DXe5A0GgA6SfDrHlSRQN-m3pW876pFxGqHWfFkbCcnjV37Yz78sHU7cm9ja4Y0Q3eraz7NUQv_FNYmO5E1Y-E5Q9HaHnViGW1ODSZh3sAIKORwpGnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtbr4g-rugwOACgOYCwHICwGADAGqDQJEReINEwiP6_iD6u6DAxV00bsIHYaxAtOwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE%26sig%3DAOD64_0yAXl-Ur5BTqbqrhYyIp-p0LyMUA%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-Bh5Uxki37hsPIV4FArsozG8OzY_Yg5KrPSe6GFl75b8H2V37wD0SCmmhCxV8QgxtE8UQPXNViP1CiryFwc1THK1Ps_d-yNfxiYMWmWDs6BPB2iJq5prGySDahG9uFT5sr7afvt0KQf8IWFT5wN-Bip3qlKn-7AsX5OBchYD4S8MjpqcH4%26cry%3D1%26dbm_d%3DAKAmf-CIEWyqD1pydJU2andmLe3Do7oyP1PMFtvcxCnjxf5JxG_m8mqTp6-dVDrAtubKvSv5eQy6W0jQ7AAFjQS2XywrlCdakezSk7RGbh37nQxubifTELxKHuPlwnL4S5UDxqVO6X7wmUD5MYnW6WVXE7qX-zM235d8Gh3hQ31lrRvmubluqRf3WA1tycKKMbii02OmyoxFP03cbWuCUmNz2KUg7-_tPVtkOGvc6df5nOpA2ioJi_L06Q2yj9Ft07SLRn0Nqc7v6Gbuaa0FrtAXuaSug3j0eWOjAIHncfd55If1zCWdmUlO_pwSM2kJhCwTT-vJYhM86Ect0dWCPw5swNs_ZWpsI3XS6ZQr6GTc4btdzW43BUQHbtJd3u8OrqX5g3F6Y1QDTNcnbEjC06Lk05JhEi4b-jCNDirOsX2w44NIXZeptqKfPi5fAhd-ugFmiGA6pL1BVLWD2t4JEuOXrSU_IK6Zt9EDpWwwK1JOKLUO18JDlHce7Juj7tXgvuBpjhi3n9y3vlnn_FQXJYIGrh0wDWwzQWlqZ81yGFaesRJYB_65LO4%26adurl%3D&documentReferer=https%3A%2F%2Fdrd.com.br%2F&ancestorOrigins=https%3A%2F%2Fdrd.com.br&random=6840927307984&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 21 Jan 2024 15:47:14 +0100

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 00CD 50 KB
19 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 02:23:58 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9E7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKpHFVG712kTlRRzjp7-z8g&google_cver=1

43 B
734 B

27ms
27ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKpHFVG712kTlRRzjp7-z8g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKS61YACMAE&v=APEucNXiAWnQtZBl8kiVXZ2rm-ck-_ynWp5LA66zhnKhTFaY1LY-XYoiXlB0E2trKkjearVD8gdxdTBuRVGyxsI85v9SbO19owZobsR4EUlvhc0ZljptYbRlP2N92rJPT86UONKGhUyJ-gPlszJFcBJEXa7nqS2d7s84WeEsgH0mODpw0sTAS9k
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuyXxgbj0BCgYq6opF0AyuP%2BkQJZsGWztuNPiwZ%2FE%2FYYU1DRn5zM6UM4hD069nCmM03RNysxLTET3pQg5sWQfRBzKKEC9LPuAgP2ytgacNYTDi%2BpHQTlZk5xJhEEJ4zTkcfF3gY6JPo6Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8490b1d2591e9231-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKpHFVG712kTlRRzjp7-z8g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9E7B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za08ggqMs65YwVkv8aYhPwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKpHFVG712kTlRRzjp7-z8g&google_cver=1

43 B
740 B

31ms
30ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKpHFVG712kTlRRzjp7-z8g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKS61YACMAE&v=APEucNXiAWnQtZBl8kiVXZ2rm-ck-_ynWp5LA66zhnKhTFaY1LY-XYoiXlB0E2trKkjearVD8gdxdTBuRVGyxsI85v9SbO19owZobsR4EUlvhc0ZljptYbRlP2N92rJPT86UONKGhUyJ-gPlszJFcBJEXa7nqS2d7s84WeEsgH0mODpw0sTAS9k
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyOSR9b6z2H15AFkofdDhLLMEDsyZGqL6v%2F85dx6TdqgPtVehY9XvKlOwM1z8wHW09%2BpXO%2BNJrM97RXnovxj0gYFvntNH77xfv5Wv9vRGNj8%2FQ%2B62js%2B1MosOvvIkJzSzPmxqZT%2FS6qQrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8490b1d2793d9231-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKpHFVG712kTlRRzjp7-z8g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9E7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELe-wr-VkitEZJIhjNrTTbk&google_cver=1

43 B
1006 B

15ms
15ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELe-wr-VkitEZJIhjNrTTbk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKS61YACMAE&v=APEucNXiAWnQtZBl8kiVXZ2rm-ck-_ynWp5LA66zhnKhTFaY1LY-XYoiXlB0E2trKkjearVD8gdxdTBuRVGyxsI85v9SbO19owZobsR4EUlvhc0ZljptYbRlP2N92rJPT86UONKGhUyJ-gPlszJFcBJEXa7nqS2d7s84WeEsgH0mODpw0sTAS9k

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
an-x-request-uuid: c419fe68-625a-4200-a8c4-0c7192d3c5be
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELe-wr-VkitEZJIhjNrTTbk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E7B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D

170 B
188 B

26ms
25ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
an-x-request-uuid: b6ad4819-004c-4f15-80b6-eb3f760392a2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D
x-proxy-origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 404
Not Found media_w1969103430_17174.aac Show response
5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/ Frame 635A 0
397 B 95ms
94ms XHR
text/plain 135.148.100.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/media_w1969103430_17174.aac
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.148.100.137 , United States, ASN16276 (OVH, FR),
Reverse DNS: wz3.dnip.com.br
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length, ETag
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2C1 0
25 B 161ms
160ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6428968500692&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2C1 0
25 B 160ms
160ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6428968500692&version=m202309260101&ct=76&x=1&cor=4485106650111903000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B2C1 110 KB
42 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQDhg4o2rNaw3d_FiB-XK7oO3UrYbxm59mxtCTYHEKOWYnS7F775X7uZHIIz8Ja9t3VeFfxzv5g8KxfF9MYSC5JIL3y13_Z8eAUQgxXaPVg0-y0H3_XZL8NQpWmOumzUg3aboi9pqBYoJnvmyrkUyos4glHA-uEWSeQhksZHScKw8X6oc&dbm_d=AKAmf-AJvBbNPaH-WcahEKiFgL58EZjqQZPOBLS8Qc8WMXDz6LyDOHxGLey8nckocMlSwXwVZB4-IYGfGFUYI8Io4J3pZAe4Bm6WHI4Mt-tAVQZKCxBx3zE34LHSQ7dGvUbT1SqaoTipCG-9xOznI82qXjveTeznO-978dv6NR1avVwcZxunbYlX8o_88kL2ox_YxVYUEbWfvOlrBbfT_dNJN1_QBOwUIpPksldgNXNnnLsNI4s05Y9jkFBy9R3NUqrE9wzlRKMaeGbO0IiCuw7iKez8epS22RrKP_3K9u7RpDxs2yaEeMcUv-buwV7nfExw26uuESgkB03qn2tRvkmkv3CFENTYM7HdNK6hjmtSiRXHRt9j6K_8G7enfz5zrjBXOpEQMKIE5yWmJkI7kMg48q5AGVuwFHzSKpcl_sH0VgVfsf-EyQubRzqflqsUFS3rjnJzO_4PJ3EHwO7m8IhgJGS-9EPnIKgLSfGs6p3YZrZ_UzVtiHCBrCUetugKC87x3VzTBdletCXXzLnMG3tCJnD4ypwO_xn_zMALRUE8zRX1NV7hbFcNGpimGC8QjFO-odr0vmtv7vqeDSg5xMQhaans46h4BK3tp-MrLCLCDI3BlOMQ6ZgSyy3q84pTDUsnwp8AG_JYnSVRvuLzCptL8AK1_WpGOql3X08-8P0u0cOKqqmUe3KYFG7N6n0N9Ot71hf5MTHdLPLXLKyTUXPfz_zkSq646Ap8bhgsUdkpWWbPGGohyeYRUpA3SFKfHdr-zN8pKBno__0Cqq2deWGYvdYS2NjhzuB4t3ASqz2ZR1F5vzixcejTMy3MEXLoTnVd_Zo23i1CaqZLjx62cjYepZmXxVVc6d_CKNsv2n2XNMwATHTultTg28jkJmEMuJFGXyVqXfYTszSgF9X1_c3NozbIwAhDB5n3N8zSRHe_sw0K7lFMd8Cn2a4KBSnCfaP1B8CUCbUjxHIFCmFi6kCzUlspdMK5Xy97yZFsb-a1naPipZ6CyzLijrxMOsvjV38sr83pUboSJ_jgP_LBYpfj3aj82FXeq5Tqz5YEkICJX5ELSzK56UXUhzlVPZ7ZYfIKoWyh1xWsRuBknEGb9fHoLrAhNRsOd2lRkyfVA-7EgOfBKXBp52rHIRs4e_uynNE6wJL4Etqht_XSNAFf3WILvDLtyejyiKpBRGPzEmBB3HVAFpUoMm_fqCydExs6gJL6DYUazItHTKQgH-xA_qtiv6TBTmG6aKnzZHy1ohkR-m4uIQD-CrlW81Fs_Nn7RerY8WxwYdTfDDq0hpZPepmmp3489rijnjcMRdzhxzUzO7b-1IB2vU4PJTv9kX-OLZXjY57woG73shrTOjf4X-yZcs69N7h7PkV5yUYrTYhl2jwr1DNShiXwM1kDq-Gh6OgpzEhepoSGmOgnd4y9fXPThJw4QhCXcw6DlV8fPtodt3J8C28w3DxwlfXVQF25aIhMYsT-HOx48D9zs4uk4GIG2ceMQgDdpboSHDrVQt5S3iFy9cr7GStmrYEwDYfC_tU01Pf6mHFdN4u6uhDGYkHZ_8cgI4pwZzN2awwwdrLeivr0jwvEy7wdj1yvPMo5rkU5oPAXADWGpmTKlIcXpphRoJMMTQdD2JD7Z3OCzNmjRis4GyVuJ5f776mhSSZqW5iUNJgzmP7vsUSahozi2bRQbQV0N57ly1oBDyEDfyMLqVXFJRTXhPGMt4-OSgzpQ9E8nf189FYdPLSrzQj9qLTHEM3_5U2f9d8GUAaRXbww52rbemKJOO-2FzNq8fCqhrLjlpBpYVDd8grHXYGULuqh0QEzCDhqoEaptefpPVWsV-3nuNAk_JzSlaTKMKAdOYUWmeBkEBEIPwUXdn4zYmoH8CVeScgjpi_5H1e96Y-VP-OtMmX_PC6i_wXrcrSV_9EHJCzsp7GCWMDX80_6S3qOLpznLYAtymW1ERXjPkZF1yHktdYDmiFuanLFC55VKl4owgRv16gYol2UZRN_DfN2S9ULJgqFCzERMBuyLpEYAKhDkBpf9wuX3h6OTaazGi07jG8vmnEpk9NtR6P6vzzmD8N28d9CBC0mDmc2fdr_qkzb21IEDldEGq3yqlC0--SWgUw416s6717lGoG1B6Qdv6Tcwo6Yi9clfzERbsKYm0bV8ZtP8dlQBeRG1f9l8iyhEsfbEgt_GlapJpuEy7BoobNBCtUqoTL6tI2C-zuK01kmffnk1nXs-p3RXO-wgqNoIJ3U-BDT4zfVtzzEvjEEtcDJ-p0XhVbrsqr_XxZ9o8p6jkrvqSqkhOYIPcUKlEuPeuciL7aMWccXcgsK1rdOqwdTPlq8bBx3fKRuajvH8BNlpMAfVNt5AdG6kLi2rmy3JUv7L1PQU_kqQU7zvzCds38uC-4285L71Tjhnf85qBfvXZl3uVEmwdsL7y6vOLt8bePQhgZETR-QYl4Rv1ojBfsbmKpoznSBQY1QizVj7OOsfwpdRzEwm2lJB9_IDgdMR66GGBtxroNVbfenFbCF1Udhdc8hoYDJROj0eswAkwmrwJh16QM0w-Fnpdjj30VShVKBWZWLjFQNMM4I_VKahRVKsaLSk9b2rChp6k-WcueG7PzeFbgF9iMtWKTaFYKLfMkzGyp5t4NIZiVh3rrXmoDIr27PTGszhh3CVUj1uFA-rxkVpOcRC_AO4K2N_bZCkMhHjJFjZsDMBITiflBytETOlJtSMOJcDJ12FXrx17tl6L3jkB7za_3aYUH5QKHpjcnAoC6hT5-vz-r_W1vEdEAR3ApwfUfwV-iEoEVOwkO1n31j7mN7NPjsJTL06VYizZXHi5QlQcbEuWghjT5tdgWq-YpNSEhcoNHCiquwaRAGOcX-psK4pG9M-hXMPgeWY9xDF_y-_yjAx3R0QHsyJs8rcih1NRB5-KGZdPZXAs1UouxZNwXXYg49phZZr3aeaOm5v9JmC9Dowl6W6tHchv4udoxx3rfK3IaYafV7ZIhJfZaW9IB_LwqfaPjlVaX9n6TqpG4C7BYmZKn6sYWgJRTYDgkWlxwm-3I4WW3BG-dL3cFT1dZ1frCM7g3G7hyFfSxlIQ5Ydbq4cLYsk0F8KP9JY61SucCdsi3tD_2nLt2ttFSP2dsKqMca8ZaCLLILa2IE7DumTADk8hR1_OOMYks-AE-ZJARPjj8Hi0WbeB5OUaMwS-aFcwOzJudDJyzy_9m_lmIQU8VVTSUoXvjrfWSVsaQJ4-F_gY4pQW6g1lzF9gzZWNBJwEPHAVNIWRZ9eoYBEi3FRUuXRxgdb6Fq-B44SDKVBDleR0aDPsWNRYCdmmfKdDXaMC5TjstV82HgqAE8LGpJdZWti9gnJDEzeHvOiHAdOicmYfpgN8JADSMlND-jvLNMRQJpcfXavOVsPatj3PbNMU0Mbe3Xr3IVt_t0n90VY7Y06dFcY4xA_8A3c3eaX1A-foCPdpZjkGKPYKL0bcDOXkG7I45XUuxeNzQ-zAHKoDkolpUWf-EEF69vFZ-ep_4UutGywzLrzMxDWL9AhOO2nR0tC7XRIuhTUHWqxpoRFPuN3NzLePewHNRdrGgpvGPVPVUeVAVHhjBt4qZxG9r5r_GLbLSCraTfodFrQYsUn0TrNSj3w9u1jNRhOGNn62MRb1edpgEUdYeyE_g21jyw5Gbuh_cj3BoP_tmyDUMIGwx3IZQRPQmD7Bv5qKHYxlO73spv0yM4h528JhzFznY5tC5WEZvJmYY3A7Je6gY-cVOqC5_uX2VY5-wUuo7L2mPfuxDJpZ4CVVqXg9KYQYh_1jRpgjw_SutFFNqLA4STclUxHfBE_UOdbpYBSnYqKK_6YbwiL7vFzc9qIAfUIUA0vlauA4Y9Q_Nc0LHpMkxxV22NvHQhp_yOKzIM39PwYA-Ls0y7-cG-TYsQwI-FJKvGFyOTXjusVGtGin8K8NnYXt_m4zQqKTDPsxtUx6FtUWTbhFuxtIJeN9XDieo4hAl3&cid=CAQSOwAvHhf_dKTRuof1iZ3n2nJ7rShIc1EvjMkzuf99jUMI1Bdw6aEOi-QnEzJV-wbZTcMRvwZLDJZ6VwhYGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdrd.com.br%2F&ds=l&xdt=1&iif=1&cor=4485106650111903000&adk=4188270524&idt=98&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f685909d2886b304307258a49759923840c3cd774e5da1ad5dd696a8ad79805b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42764
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1874223/77019492/ Frame B2C1 270 KB
79 KB 125ms
36ms Script
application/javascript 52.18.204.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1874223/77019492/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2845463438153782&ias_chanId=1&ias_placementId=20843742424&bidurl=https://drd.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hTwsstpJhB9K6YR9fJuLWF
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.204.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-204-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8131cf6be817cc3c7494ef23eb6dc4ebfdf13c5f31a01e79d195c524ba6d5ac7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B2C1 111 KB
39 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Origin: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame B2C1 12 KB
4 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQDhg4o2rNaw3d_FiB-XK7oO3UrYbxm59mxtCTYHEKOWYnS7F775X7uZHIIz8Ja9t3VeFfxzv5g8KxfF9MYSC5JIL3y13_Z8eAUQgxXaPVg0-y0H3_XZL8NQpWmOumzUg3aboi9pqBYoJnvmyrkUyos4glHA-uEWSeQhksZHScKw8X6oc&dbm_d=AKAmf-AJvBbNPaH-WcahEKiFgL58EZjqQZPOBLS8Qc8WMXDz6LyDOHxGLey8nckocMlSwXwVZB4-IYGfGFUYI8Io4J3pZAe4Bm6WHI4Mt-tAVQZKCxBx3zE34LHSQ7dGvUbT1SqaoTipCG-9xOznI82qXjveTeznO-978dv6NR1avVwcZxunbYlX8o_88kL2ox_YxVYUEbWfvOlrBbfT_dNJN1_QBOwUIpPksldgNXNnnLsNI4s05Y9jkFBy9R3NUqrE9wzlRKMaeGbO0IiCuw7iKez8epS22RrKP_3K9u7RpDxs2yaEeMcUv-buwV7nfExw26uuESgkB03qn2tRvkmkv3CFENTYM7HdNK6hjmtSiRXHRt9j6K_8G7enfz5zrjBXOpEQMKIE5yWmJkI7kMg48q5AGVuwFHzSKpcl_sH0VgVfsf-EyQubRzqflqsUFS3rjnJzO_4PJ3EHwO7m8IhgJGS-9EPnIKgLSfGs6p3YZrZ_UzVtiHCBrCUetugKC87x3VzTBdletCXXzLnMG3tCJnD4ypwO_xn_zMALRUE8zRX1NV7hbFcNGpimGC8QjFO-odr0vmtv7vqeDSg5xMQhaans46h4BK3tp-MrLCLCDI3BlOMQ6ZgSyy3q84pTDUsnwp8AG_JYnSVRvuLzCptL8AK1_WpGOql3X08-8P0u0cOKqqmUe3KYFG7N6n0N9Ot71hf5MTHdLPLXLKyTUXPfz_zkSq646Ap8bhgsUdkpWWbPGGohyeYRUpA3SFKfHdr-zN8pKBno__0Cqq2deWGYvdYS2NjhzuB4t3ASqz2ZR1F5vzixcejTMy3MEXLoTnVd_Zo23i1CaqZLjx62cjYepZmXxVVc6d_CKNsv2n2XNMwATHTultTg28jkJmEMuJFGXyVqXfYTszSgF9X1_c3NozbIwAhDB5n3N8zSRHe_sw0K7lFMd8Cn2a4KBSnCfaP1B8CUCbUjxHIFCmFi6kCzUlspdMK5Xy97yZFsb-a1naPipZ6CyzLijrxMOsvjV38sr83pUboSJ_jgP_LBYpfj3aj82FXeq5Tqz5YEkICJX5ELSzK56UXUhzlVPZ7ZYfIKoWyh1xWsRuBknEGb9fHoLrAhNRsOd2lRkyfVA-7EgOfBKXBp52rHIRs4e_uynNE6wJL4Etqht_XSNAFf3WILvDLtyejyiKpBRGPzEmBB3HVAFpUoMm_fqCydExs6gJL6DYUazItHTKQgH-xA_qtiv6TBTmG6aKnzZHy1ohkR-m4uIQD-CrlW81Fs_Nn7RerY8WxwYdTfDDq0hpZPepmmp3489rijnjcMRdzhxzUzO7b-1IB2vU4PJTv9kX-OLZXjY57woG73shrTOjf4X-yZcs69N7h7PkV5yUYrTYhl2jwr1DNShiXwM1kDq-Gh6OgpzEhepoSGmOgnd4y9fXPThJw4QhCXcw6DlV8fPtodt3J8C28w3DxwlfXVQF25aIhMYsT-HOx48D9zs4uk4GIG2ceMQgDdpboSHDrVQt5S3iFy9cr7GStmrYEwDYfC_tU01Pf6mHFdN4u6uhDGYkHZ_8cgI4pwZzN2awwwdrLeivr0jwvEy7wdj1yvPMo5rkU5oPAXADWGpmTKlIcXpphRoJMMTQdD2JD7Z3OCzNmjRis4GyVuJ5f776mhSSZqW5iUNJgzmP7vsUSahozi2bRQbQV0N57ly1oBDyEDfyMLqVXFJRTXhPGMt4-OSgzpQ9E8nf189FYdPLSrzQj9qLTHEM3_5U2f9d8GUAaRXbww52rbemKJOO-2FzNq8fCqhrLjlpBpYVDd8grHXYGULuqh0QEzCDhqoEaptefpPVWsV-3nuNAk_JzSlaTKMKAdOYUWmeBkEBEIPwUXdn4zYmoH8CVeScgjpi_5H1e96Y-VP-OtMmX_PC6i_wXrcrSV_9EHJCzsp7GCWMDX80_6S3qOLpznLYAtymW1ERXjPkZF1yHktdYDmiFuanLFC55VKl4owgRv16gYol2UZRN_DfN2S9ULJgqFCzERMBuyLpEYAKhDkBpf9wuX3h6OTaazGi07jG8vmnEpk9NtR6P6vzzmD8N28d9CBC0mDmc2fdr_qkzb21IEDldEGq3yqlC0--SWgUw416s6717lGoG1B6Qdv6Tcwo6Yi9clfzERbsKYm0bV8ZtP8dlQBeRG1f9l8iyhEsfbEgt_GlapJpuEy7BoobNBCtUqoTL6tI2C-zuK01kmffnk1nXs-p3RXO-wgqNoIJ3U-BDT4zfVtzzEvjEEtcDJ-p0XhVbrsqr_XxZ9o8p6jkrvqSqkhOYIPcUKlEuPeuciL7aMWccXcgsK1rdOqwdTPlq8bBx3fKRuajvH8BNlpMAfVNt5AdG6kLi2rmy3JUv7L1PQU_kqQU7zvzCds38uC-4285L71Tjhnf85qBfvXZl3uVEmwdsL7y6vOLt8bePQhgZETR-QYl4Rv1ojBfsbmKpoznSBQY1QizVj7OOsfwpdRzEwm2lJB9_IDgdMR66GGBtxroNVbfenFbCF1Udhdc8hoYDJROj0eswAkwmrwJh16QM0w-Fnpdjj30VShVKBWZWLjFQNMM4I_VKahRVKsaLSk9b2rChp6k-WcueG7PzeFbgF9iMtWKTaFYKLfMkzGyp5t4NIZiVh3rrXmoDIr27PTGszhh3CVUj1uFA-rxkVpOcRC_AO4K2N_bZCkMhHjJFjZsDMBITiflBytETOlJtSMOJcDJ12FXrx17tl6L3jkB7za_3aYUH5QKHpjcnAoC6hT5-vz-r_W1vEdEAR3ApwfUfwV-iEoEVOwkO1n31j7mN7NPjsJTL06VYizZXHi5QlQcbEuWghjT5tdgWq-YpNSEhcoNHCiquwaRAGOcX-psK4pG9M-hXMPgeWY9xDF_y-_yjAx3R0QHsyJs8rcih1NRB5-KGZdPZXAs1UouxZNwXXYg49phZZr3aeaOm5v9JmC9Dowl6W6tHchv4udoxx3rfK3IaYafV7ZIhJfZaW9IB_LwqfaPjlVaX9n6TqpG4C7BYmZKn6sYWgJRTYDgkWlxwm-3I4WW3BG-dL3cFT1dZ1frCM7g3G7hyFfSxlIQ5Ydbq4cLYsk0F8KP9JY61SucCdsi3tD_2nLt2ttFSP2dsKqMca8ZaCLLILa2IE7DumTADk8hR1_OOMYks-AE-ZJARPjj8Hi0WbeB5OUaMwS-aFcwOzJudDJyzy_9m_lmIQU8VVTSUoXvjrfWSVsaQJ4-F_gY4pQW6g1lzF9gzZWNBJwEPHAVNIWRZ9eoYBEi3FRUuXRxgdb6Fq-B44SDKVBDleR0aDPsWNRYCdmmfKdDXaMC5TjstV82HgqAE8LGpJdZWti9gnJDEzeHvOiHAdOicmYfpgN8JADSMlND-jvLNMRQJpcfXavOVsPatj3PbNMU0Mbe3Xr3IVt_t0n90VY7Y06dFcY4xA_8A3c3eaX1A-foCPdpZjkGKPYKL0bcDOXkG7I45XUuxeNzQ-zAHKoDkolpUWf-EEF69vFZ-ep_4UutGywzLrzMxDWL9AhOO2nR0tC7XRIuhTUHWqxpoRFPuN3NzLePewHNRdrGgpvGPVPVUeVAVHhjBt4qZxG9r5r_GLbLSCraTfodFrQYsUn0TrNSj3w9u1jNRhOGNn62MRb1edpgEUdYeyE_g21jyw5Gbuh_cj3BoP_tmyDUMIGwx3IZQRPQmD7Bv5qKHYxlO73spv0yM4h528JhzFznY5tC5WEZvJmYY3A7Je6gY-cVOqC5_uX2VY5-wUuo7L2mPfuxDJpZ4CVVqXg9KYQYh_1jRpgjw_SutFFNqLA4STclUxHfBE_UOdbpYBSnYqKK_6YbwiL7vFzc9qIAfUIUA0vlauA4Y9Q_Nc0LHpMkxxV22NvHQhp_yOKzIM39PwYA-Ls0y7-cG-TYsQwI-FJKvGFyOTXjusVGtGin8K8NnYXt_m4zQqKTDPsxtUx6FtUWTbhFuxtIJeN9XDieo4hAl3&cid=CAQSOwAvHhf_dKTRuof1iZ3n2nJ7rShIc1EvjMkzuf99jUMI1Bdw6aEOi-QnEzJV-wbZTcMRvwZLDJZ6VwhYGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdrd.com.br%2F&ds=l&xdt=1&iif=1&cor=4485106650111903000&adk=4188270524&idt=98&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:30:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame B2C1 31 KB
12 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:30:09 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B2C1 41 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 02E6 1 KB
651 B 14ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sun, 21 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B2C1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bf01e21ade744b5eabb43fb28cc6289fc15e18cf5442369b65315ea027752bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
adv.office-partner.de/ Frame 061B 930 B
923 B 64ms
11ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=720x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCTfLgjytZaH3CfSi7_UPhuOKmA2m5b2gaYWVnKfJD_AuEAEg1s63TmCVgoCAoAfIAQmpAp2Ka-hlSLI-qAMByAObBKoElAJP0HjTBxFwxQj8TaFisDC1HJXRzCj55YSdbemOE13fvrLqBCME6_nFFEG4Qn6d5L0Q0SchY9dyJSs_ynhw08pdgmfJ4dtew_XGLCvYbcz7xchI1TqVHY5d4MjtETabdc6t-Q5mXrot6A28YN2lnM4JwcUu4IaL2cg-dW8RBYHgdeYiFfbEuZoQQbEVAfOuirPXzL7PUGy8-nqBny2PsjfEKTPfZ3xpv4ApySGYDnhXCtBEvnfUG0wlAQCMLuZXi1DXe5A0GgA6SfDrHlSRQN-m3pW876pFxGqHWfFkbCcnjV37Yz78sHU7cm9ja4Y0Q3eraz7NUQv_FNYmO5E1Y-E5Q9HaHnViGW1ODSZh3sAIKORwpGnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtbr4g-rugwOACgOYCwHICwGADAGqDQJEReINEwiP6_iD6u6DAxV00bsIHYaxAtOwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE%26sig%3DAOD64_0yAXl-Ur5BTqbqrhYyIp-p0LyMUA%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-Bh5Uxki37hsPIV4FArsozG8OzY_Yg5KrPSe6GFl75b8H2V37wD0SCmmhCxV8QgxtE8UQPXNViP1CiryFwc1THK1Ps_d-yNfxiYMWmWDs6BPB2iJq5prGySDahG9uFT5sr7afvt0KQf8IWFT5wN-Bip3qlKn-7AsX5OBchYD4S8MjpqcH4%26cry%3D1%26dbm_d%3DAKAmf-CIEWyqD1pydJU2andmLe3Do7oyP1PMFtvcxCnjxf5JxG_m8mqTp6-dVDrAtubKvSv5eQy6W0jQ7AAFjQS2XywrlCdakezSk7RGbh37nQxubifTELxKHuPlwnL4S5UDxqVO6X7wmUD5MYnW6WVXE7qX-zM235d8Gh3hQ31lrRvmubluqRf3WA1tycKKMbii02OmyoxFP03cbWuCUmNz2KUg7-_tPVtkOGvc6df5nOpA2ioJi_L06Q2yj9Ft07SLRn0Nqc7v6Gbuaa0FrtAXuaSug3j0eWOjAIHncfd55If1zCWdmUlO_pwSM2kJhCwTT-vJYhM86Ect0dWCPw5swNs_ZWpsI3XS6ZQr6GTc4btdzW43BUQHbtJd3u8OrqX5g3F6Y1QDTNcnbEjC06Lk05JhEi4b-jCNDirOsX2w44NIXZeptqKfPi5fAhd-ugFmiGA6pL1BVLWD2t4JEuOXrSU_IK6Zt9EDpWwwK1JOKLUO18JDlHce7Juj7tXgvuBpjhi3n9y3vlnn_FQXJYIGrh0wDWwzQWlqZ81yGFaesRJYB_65LO4%26adurl%3D&documentReferer=https%3A%2F%2Fdrd.com.br%2F&ancestorOrigins=https%3A%2F%2Fdrd.com.br&random=6840927307984&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 21 Jan 2024 15:47:15 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 28 Jan 2024 15:47:15 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 6F15 0
327 B 88ms
20ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=12715100096253504444550012576020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=720x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCTfLgjytZaH3CfSi7_UPhuOKmA2m5b2gaYWVnKfJD_AuEAEg1s63TmCVgoCAoAfIAQmpAp2Ka-hlSLI-qAMByAObBKoElAJP0HjTBxFwxQj8TaFisDC1HJXRzCj55YSdbemOE13fvrLqBCME6_nFFEG4Qn6d5L0Q0SchY9dyJSs_ynhw08pdgmfJ4dtew_XGLCvYbcz7xchI1TqVHY5d4MjtETabdc6t-Q5mXrot6A28YN2lnM4JwcUu4IaL2cg-dW8RBYHgdeYiFfbEuZoQQbEVAfOuirPXzL7PUGy8-nqBny2PsjfEKTPfZ3xpv4ApySGYDnhXCtBEvnfUG0wlAQCMLuZXi1DXe5A0GgA6SfDrHlSRQN-m3pW876pFxGqHWfFkbCcnjV37Yz78sHU7cm9ja4Y0Q3eraz7NUQv_FNYmO5E1Y-E5Q9HaHnViGW1ODSZh3sAIKORwpGnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtbr4g-rugwOACgOYCwHICwGADAGqDQJEReINEwiP6_iD6u6DAxV00bsIHYaxAtOwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE%26sig%3DAOD64_0yAXl-Ur5BTqbqrhYyIp-p0LyMUA%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-Bh5Uxki37hsPIV4FArsozG8OzY_Yg5KrPSe6GFl75b8H2V37wD0SCmmhCxV8QgxtE8UQPXNViP1CiryFwc1THK1Ps_d-yNfxiYMWmWDs6BPB2iJq5prGySDahG9uFT5sr7afvt0KQf8IWFT5wN-Bip3qlKn-7AsX5OBchYD4S8MjpqcH4%26cry%3D1%26dbm_d%3DAKAmf-CIEWyqD1pydJU2andmLe3Do7oyP1PMFtvcxCnjxf5JxG_m8mqTp6-dVDrAtubKvSv5eQy6W0jQ7AAFjQS2XywrlCdakezSk7RGbh37nQxubifTELxKHuPlwnL4S5UDxqVO6X7wmUD5MYnW6WVXE7qX-zM235d8Gh3hQ31lrRvmubluqRf3WA1tycKKMbii02OmyoxFP03cbWuCUmNz2KUg7-_tPVtkOGvc6df5nOpA2ioJi_L06Q2yj9Ft07SLRn0Nqc7v6Gbuaa0FrtAXuaSug3j0eWOjAIHncfd55If1zCWdmUlO_pwSM2kJhCwTT-vJYhM86Ect0dWCPw5swNs_ZWpsI3XS6ZQr6GTc4btdzW43BUQHbtJd3u8OrqX5g3F6Y1QDTNcnbEjC06Lk05JhEi4b-jCNDirOsX2w44NIXZeptqKfPi5fAhd-ugFmiGA6pL1BVLWD2t4JEuOXrSU_IK6Zt9EDpWwwK1JOKLUO18JDlHce7Juj7tXgvuBpjhi3n9y3vlnn_FQXJYIGrh0wDWwzQWlqZ81yGFaesRJYB_65LO4%26adurl%3D&documentReferer=https%3A%2F%2Fdrd.com.br%2F&ancestorOrigins=https%3A%2F%2Fdrd.com.br&random=6840927307984&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sun, 21 Jan 2024 15:47:15 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 link.html Show response
track.webgains.com/ Frame A5AA 2 KB
2 KB 146ms
74ms Script
text/html 13.41.170.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=12715100096253504444550012576020&nw=1
Requested by: Host: drd.com.br
URL: https://drd.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.170.8 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-170-8.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: edc1ffb291557accf71f130ed2c2d2fc0a14f899c52e133995168afc0c581598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
last-modified: Sun, 21 Jan 2024 15:47:15 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 21 Jan 2024 15:48:15 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame A5AA 0
326 B 89ms
20ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=12715100096253504444550012576020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=720x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCTfLgjytZaH3CfSi7_UPhuOKmA2m5b2gaYWVnKfJD_AuEAEg1s63TmCVgoCAoAfIAQmpAp2Ka-hlSLI-qAMByAObBKoElAJP0HjTBxFwxQj8TaFisDC1HJXRzCj55YSdbemOE13fvrLqBCME6_nFFEG4Qn6d5L0Q0SchY9dyJSs_ynhw08pdgmfJ4dtew_XGLCvYbcz7xchI1TqVHY5d4MjtETabdc6t-Q5mXrot6A28YN2lnM4JwcUu4IaL2cg-dW8RBYHgdeYiFfbEuZoQQbEVAfOuirPXzL7PUGy8-nqBny2PsjfEKTPfZ3xpv4ApySGYDnhXCtBEvnfUG0wlAQCMLuZXi1DXe5A0GgA6SfDrHlSRQN-m3pW876pFxGqHWfFkbCcnjV37Yz78sHU7cm9ja4Y0Q3eraz7NUQv_FNYmO5E1Y-E5Q9HaHnViGW1ODSZh3sAIKORwpGnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtbr4g-rugwOACgOYCwHICwGADAGqDQJEReINEwiP6_iD6u6DAxV00bsIHYaxAtOwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE%26sig%3DAOD64_0yAXl-Ur5BTqbqrhYyIp-p0LyMUA%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-Bh5Uxki37hsPIV4FArsozG8OzY_Yg5KrPSe6GFl75b8H2V37wD0SCmmhCxV8QgxtE8UQPXNViP1CiryFwc1THK1Ps_d-yNfxiYMWmWDs6BPB2iJq5prGySDahG9uFT5sr7afvt0KQf8IWFT5wN-Bip3qlKn-7AsX5OBchYD4S8MjpqcH4%26cry%3D1%26dbm_d%3DAKAmf-CIEWyqD1pydJU2andmLe3Do7oyP1PMFtvcxCnjxf5JxG_m8mqTp6-dVDrAtubKvSv5eQy6W0jQ7AAFjQS2XywrlCdakezSk7RGbh37nQxubifTELxKHuPlwnL4S5UDxqVO6X7wmUD5MYnW6WVXE7qX-zM235d8Gh3hQ31lrRvmubluqRf3WA1tycKKMbii02OmyoxFP03cbWuCUmNz2KUg7-_tPVtkOGvc6df5nOpA2ioJi_L06Q2yj9Ft07SLRn0Nqc7v6Gbuaa0FrtAXuaSug3j0eWOjAIHncfd55If1zCWdmUlO_pwSM2kJhCwTT-vJYhM86Ect0dWCPw5swNs_ZWpsI3XS6ZQr6GTc4btdzW43BUQHbtJd3u8OrqX5g3F6Y1QDTNcnbEjC06Lk05JhEi4b-jCNDirOsX2w44NIXZeptqKfPi5fAhd-ugFmiGA6pL1BVLWD2t4JEuOXrSU_IK6Zt9EDpWwwK1JOKLUO18JDlHce7Juj7tXgvuBpjhi3n9y3vlnn_FQXJYIGrh0wDWwzQWlqZ81yGFaesRJYB_65LO4%26adurl%3D&documentReferer=https%3A%2F%2Fdrd.com.br%2F&ancestorOrigins=https%3A%2F%2Fdrd.com.br&random=6840927307984&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame A5AA 43 B
360 B 89ms
21ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=12715100096253504444550012576020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=720x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCTfLgjytZaH3CfSi7_UPhuOKmA2m5b2gaYWVnKfJD_AuEAEg1s63TmCVgoCAoAfIAQmpAp2Ka-hlSLI-qAMByAObBKoElAJP0HjTBxFwxQj8TaFisDC1HJXRzCj55YSdbemOE13fvrLqBCME6_nFFEG4Qn6d5L0Q0SchY9dyJSs_ynhw08pdgmfJ4dtew_XGLCvYbcz7xchI1TqVHY5d4MjtETabdc6t-Q5mXrot6A28YN2lnM4JwcUu4IaL2cg-dW8RBYHgdeYiFfbEuZoQQbEVAfOuirPXzL7PUGy8-nqBny2PsjfEKTPfZ3xpv4ApySGYDnhXCtBEvnfUG0wlAQCMLuZXi1DXe5A0GgA6SfDrHlSRQN-m3pW876pFxGqHWfFkbCcnjV37Yz78sHU7cm9ja4Y0Q3eraz7NUQv_FNYmO5E1Y-E5Q9HaHnViGW1ODSZh3sAIKORwpGnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtbr4g-rugwOACgOYCwHICwGADAGqDQJEReINEwiP6_iD6u6DAxV00bsIHYaxAtOwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE%26sig%3DAOD64_0yAXl-Ur5BTqbqrhYyIp-p0LyMUA%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-Bh5Uxki37hsPIV4FArsozG8OzY_Yg5KrPSe6GFl75b8H2V37wD0SCmmhCxV8QgxtE8UQPXNViP1CiryFwc1THK1Ps_d-yNfxiYMWmWDs6BPB2iJq5prGySDahG9uFT5sr7afvt0KQf8IWFT5wN-Bip3qlKn-7AsX5OBchYD4S8MjpqcH4%26cry%3D1%26dbm_d%3DAKAmf-CIEWyqD1pydJU2andmLe3Do7oyP1PMFtvcxCnjxf5JxG_m8mqTp6-dVDrAtubKvSv5eQy6W0jQ7AAFjQS2XywrlCdakezSk7RGbh37nQxubifTELxKHuPlwnL4S5UDxqVO6X7wmUD5MYnW6WVXE7qX-zM235d8Gh3hQ31lrRvmubluqRf3WA1tycKKMbii02OmyoxFP03cbWuCUmNz2KUg7-_tPVtkOGvc6df5nOpA2ioJi_L06Q2yj9Ft07SLRn0Nqc7v6Gbuaa0FrtAXuaSug3j0eWOjAIHncfd55If1zCWdmUlO_pwSM2kJhCwTT-vJYhM86Ect0dWCPw5swNs_ZWpsI3XS6ZQr6GTc4btdzW43BUQHbtJd3u8OrqX5g3F6Y1QDTNcnbEjC06Lk05JhEi4b-jCNDirOsX2w44NIXZeptqKfPi5fAhd-ugFmiGA6pL1BVLWD2t4JEuOXrSU_IK6Zt9EDpWwwK1JOKLUO18JDlHce7Juj7tXgvuBpjhi3n9y3vlnn_FQXJYIGrh0wDWwzQWlqZ81yGFaesRJYB_65LO4%26adurl%3D&documentReferer=https%3A%2F%2Fdrd.com.br%2F&ancestorOrigins=https%3A%2F%2Fdrd.com.br&random=6840927307984&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A5AA 43 B
702 B 114ms
55ms Image
image/gif 23.192.250.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=12715100096253504444550012576020&pv=1

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=081a6c0807&subid=&uid=f65d6693e9223d71&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=720x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCTfLgjytZaH3CfSi7_UPhuOKmA2m5b2gaYWVnKfJD_AuEAEg1s63TmCVgoCAoAfIAQmpAp2Ka-hlSLI-qAMByAObBKoElAJP0HjTBxFwxQj8TaFisDC1HJXRzCj55YSdbemOE13fvrLqBCME6_nFFEG4Qn6d5L0Q0SchY9dyJSs_ynhw08pdgmfJ4dtew_XGLCvYbcz7xchI1TqVHY5d4MjtETabdc6t-Q5mXrot6A28YN2lnM4JwcUu4IaL2cg-dW8RBYHgdeYiFfbEuZoQQbEVAfOuirPXzL7PUGy8-nqBny2PsjfEKTPfZ3xpv4ApySGYDnhXCtBEvnfUG0wlAQCMLuZXi1DXe5A0GgA6SfDrHlSRQN-m3pW876pFxGqHWfFkbCcnjV37Yz78sHU7cm9ja4Y0Q3eraz7NUQv_FNYmO5E1Y-E5Q9HaHnViGW1ODSZh3sAIKORwpGnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtbr4g-rugwOACgOYCwHICwGADAGqDQJEReINEwiP6_iD6u6DAxV00bsIHYaxAtOwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_f-6IouSAr0LLfNO-gpzDCRi08Rw_D2rWmjR4aPvIBNfE_j7iG1BYHPcWYCQI7ZgcLBWJlwuzGAE%26sig%3DAOD64_0yAXl-Ur5BTqbqrhYyIp-p0LyMUA%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-Bh5Uxki37hsPIV4FArsozG8OzY_Yg5KrPSe6GFl75b8H2V37wD0SCmmhCxV8QgxtE8UQPXNViP1CiryFwc1THK1Ps_d-yNfxiYMWmWDs6BPB2iJq5prGySDahG9uFT5sr7afvt0KQf8IWFT5wN-Bip3qlKn-7AsX5OBchYD4S8MjpqcH4%26cry%3D1%26dbm_d%3DAKAmf-CIEWyqD1pydJU2andmLe3Do7oyP1PMFtvcxCnjxf5JxG_m8mqTp6-dVDrAtubKvSv5eQy6W0jQ7AAFjQS2XywrlCdakezSk7RGbh37nQxubifTELxKHuPlwnL4S5UDxqVO6X7wmUD5MYnW6WVXE7qX-zM235d8Gh3hQ31lrRvmubluqRf3WA1tycKKMbii02OmyoxFP03cbWuCUmNz2KUg7-_tPVtkOGvc6df5nOpA2ioJi_L06Q2yj9Ft07SLRn0Nqc7v6Gbuaa0FrtAXuaSug3j0eWOjAIHncfd55If1zCWdmUlO_pwSM2kJhCwTT-vJYhM86Ect0dWCPw5swNs_ZWpsI3XS6ZQr6GTc4btdzW43BUQHbtJd3u8OrqX5g3F6Y1QDTNcnbEjC06Lk05JhEi4b-jCNDirOsX2w44NIXZeptqKfPi5fAhd-ugFmiGA6pL1BVLWD2t4JEuOXrSU_IK6Zt9EDpWwwK1JOKLUO18JDlHce7Juj7tXgvuBpjhi3n9y3vlnn_FQXJYIGrh0wDWwzQWlqZ81yGFaesRJYB_65LO4%26adurl%3D&documentReferer=https%3A%2F%2Fdrd.com.br%2F&ancestorOrigins=https%3A%2F%2Fdrd.com.br&random=6840927307984&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 15:47:15 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 bridge3.613.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B606 753 KB
241 KB 17ms
16ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0fe83d875faf394978cd04227fb30838db2f4a9bd67e6862e6845c6eee1a09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 393465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246576
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 02:29:30 GMT
expires: Thu, 16 Jan 2025 02:29:30 GMT
last-modified: Mon, 15 Jan 2024 20:36:05 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Jan 2024 15:47:15 GMT

GET
H2 200 volume_off.png
www.gstatic.com/dfp/native/ 3 KB
3 KB 16ms
15ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/volume_off.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 09:19:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
age: 368871
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Jan 2025 09:19:24 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0654 40 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 21 Jan 2024 16:02:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00CD 0
25 B 168ms
166ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BPpK3gjytZfW4Lo2C7_UPmtuvqAoAAAAAOAHgBAI&bg=!GxilGFfNAAZVxkGXdcY7ADQBe5WfOMw0V4oK7c9xQZlF0Jue3nvMwB8a0M40Nr0OP-uX2Zt5nrGCt2hPu9ZZGsDH7TT2AgAAAH9SAAAABmgBB5kDDWO07YJ0-rRYZed12mTzOjT9rn9HuYrtN37f3BNgcmd8WCc-W1gj9DuhInvAYRGrFyNpoVTEjV6dtQ5PdhmjF6rncoPwUYc-AKPhQ_xVGx1nHEbPGdwy7GtgZ7RQXpRonxfWzzK3NCFduX-6wJKtgKzjZLKAL7FZlNzL3KRCcOaB3jI-PGlWDqHDjV0CFYl7kHUCfJIYmCf9iGbLINsoGaNBjqhHNP7FPOxQRCvaZy26IjbfryTSuRDEWev8b3_SCVW6S4L5tv4ke1MAvZLRKlTwb_AGh8hW0s97s00Y6RN_0xY42ckBYkNAmPwKWsJzp3VwqitHopROIwD5WTfeubX7k3y7H0eI92Qw3a77_Ew4WrcipfIotQKXcPZeNdkg1hhoP_f0htWUsmIpqx6kv44NdCgo7RH3f67BUeqQIXlDrj0GEoWCM8ENtpYst1ps_eViWEAOUixisWXSZ47XWXju0s7UH5C8QXF_nkhV3FOKbN7GvDIhtpTgpbJy7cky55mx-4fdkX45t-M4yrJv16Eb-CwjLIk2LZlMLlUvcQSs6vHeV9yX--rzFrDyh5m4mwQuD6y_kIILNV5xNTyUi0rSL0usVfdzhkFBoXZ-csLBRQLntwgN9Fcbf_bPP2pOQZ9ABIfD9kFloM2nEgkRUznTlq3PGefcAIGQ_ZewE5OKcKvhm9GMHkvHUwwFZcQ6dfp5F7ZPPYVBj_D5ulMDlY_Cjmx0g5TpfWtC1kT5wOp3OwX_QkJQO0e-9faNrAlHhf2Oani5FZRDGCZQrJ2kG07xa6PWMMtzi2dwAdv1FSpDqzHGo4AuVfDC8Tm5j14-1Rs_qlSjkDXPIpmr6UISl1b9WJ2AJgZLn_tvYtfrke3R4QkUdhVsWLMrFAnWaX1d6VxJFpp5NSZ-ZI2MN3z1FplA3B4pLhVJ2pVamS9qJ18Zv57QpO8yC8MEmELpiSAL6tqDxwIleRf9jpN3L1737TcoJ_X5vUlttecDt9xDTXTG8Cy8_44Lyg1I8MIh3B8ZrdCk6NKjBOIuvBu2Xlc

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 02E6 35 B
464 B 67ms
14ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAgphxUhg-3Wz1Zwyx70uy0&google_cver=1&google_push=AXcoOmSUUecHZLZmLUacrgff2SRfrW59x4vG3xSWpAkH1Mg-_3rjmc7D-4UIrzuEKyIEwBpbFinkidQ-ZAVIMalCJdKOUbExL9vCiQ

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02E6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGMFWWvuEaqIn_Kkid8Lfrg&google_cver=1&google_push=AXcoOmQTNGrBGxl_WOrXH_jEyNjH5wuf_JQjAus082sX9CGTN3_zL8NUZ0M4ER2IwqG2t8E2XPHmv7eH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM1MDQ3MjAxMDkxOTMwOTIz&google_push=AXcoOmQTNGrBGxl_WOrXH_jEyNjH5wuf_JQjAus082sX9CGTN3_zL8NUZ0M4ER2IwqG2t8E2XPHmv7eH...

170 B
188 B

30ms
30ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM1MDQ3MjAxMDkxOTMwOTIz&google_push=AXcoOmQTNGrBGxl_WOrXH_jEyNjH5wuf_JQjAus082sX9CGTN3_zL8NUZ0M4ER2IwqG2t8E2XPHmv7eHgFHZimMy6NXxIwKlxwXRUQ

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM1MDQ3MjAxMDkxOTMwOTIz&google_push=AXcoOmQTNGrBGxl_WOrXH_jEyNjH5wuf_JQjAus082sX9CGTN3_zL8NUZ0M4ER2IwqG2t8E2XPHmv7eHgFHZimMy6NXxIwKlxwXRUQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 ebda
match.360yield.com/match/ Frame 02E6 43 B
199 B 151ms
29ms Image
image/gif 54.220.183.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESENvgE3-MBqQJvEo_ISeqcOs&google_cver=1&google_push=AXcoOmQqqmX9uxgHqmbb8FC5tuIuIFR9OCptjPdJ3eb4n5xFsgN26bPDaAIzDr2K8x9xKgQD6E_UbWbtNaSP20XKoTSaUJIHvvDxsw
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.220.183.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-183-228.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 15:47:15 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02E6
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN4DcNgHtKl0yd7Kk-WlOu4&google_cver=1&google_push=AXcoOmRWzPwY9ZpS9FExJ_x_leDgSHLj3oxtnB-FJ3J24W7sK6XNUO_qF_-fOnzO2gPUZh4f6oeYnkFNIqLhg5-2NeTqiE7Ouh...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRWzPwY9ZpS9FExJ_x_leDgSHLj3oxtnB-FJ3J24W7sK6XNUO_qF_-fOnzO2gPUZh4f6oeYnkFNIqLhg5-2NeTqiE7OuhA...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0OTAzOTczOTY1NTQ3NzczNjM2Ng%3D%3D&google_push=AXcoOmRWzPwY9ZpS9FExJ_x_leDgSHLj3oxtnB-FJ3J24W7sK6XNUO_q...

170 B
188 B

36ms
36ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0OTAzOTczOTY1NTQ3NzczNjM2Ng%3D%3D&google_push=AXcoOmRWzPwY9ZpS9FExJ_x_leDgSHLj3oxtnB-FJ3J24W7sK6XNUO_qF_-fOnzO2gPUZh4f6oeYnkFNIqLhg5-2NeTqiE7OuhAL1A

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0OTAzOTczOTY1NTQ3NzczNjM2Ng%3D%3D&google_push=AXcoOmRWzPwY9ZpS9FExJ_x_leDgSHLj3oxtnB-FJ3J24W7sK6XNUO_qF_-fOnzO2gPUZh4f6oeYnkFNIqLhg5-2NeTqiE7OuhAL1A
date: Sun, 21 Jan 2024 15:47:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 02E6 0
44 B 1005ms
21ms Image
text/plain 5.196.111.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMGLr8lPYe1qTGmoCo7IqOo&google_cver=1&google_push=AXcoOmQK8k_qKAaPI1re5Jvl9FfmkERFz2BUHO4DU4tDQRG3kF0yqLn9a0PUCw5-7m34I0Gg64WaWdaOxTnGUE6dicV2zKZS9pUw
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.69 Lille, France, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 02E6
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH5q3RYZ78uTdCE0FVuQWFU&google_cver=1&google_push=AXcoOmT428Hu-U6PTSAYA6WqbYH1MpY0Hzpg2KQoN9xsQsLHMXucHAJth8tpyDB7L74eZ5e7_HFkTG-2ugq...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT428Hu-U6PTSAYA6WqbYH1MpY0Hzpg2KQoN9xsQsLHMXucHAJth8tpyDB7L74eZ5e7_HFkTG-2ugqw1hxRhSp4HlAAlIIGVYM
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

10ms
9ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 02E6
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKGTDZrvBghx...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSWSQFH-buhwRRMM9RgbX1PX-soRD3IkohOmbdoZpuCaYXspYNzsD-qKFR4UhNjrI4ob8qXivvSh_JxVOIR8nqfEkdYqiY0Jig
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

31ms
30ms

Image
image/gif

2.19.85.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2.19.85.30 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-30.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 21 Jan 2024 15:47:15 GMT
pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 02E6 0
12 B 22ms
22ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Itd6svNpnJvpb7SE25k4MZzmZcu1JyZaIYNRV1p_WaerYpvTEfFiX6uH_AOraZpWFYN7XLZjY

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7CEC 38 KB
13 KB 14ms
13ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 413587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10479265507807087626/ Frame F402 8 KB
2 KB 16ms
16ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2218f4accb7ba3b0d1bd3eb3dc3c41b50816d3970ff6e2cf558e2c44bb3fabdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 574762
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2338
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 00:07:53 GMT
expires: Tue, 14 Jan 2025 00:07:53 GMT
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B2C1 0
0 109ms
56ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6bTQF_OVnXPg9BhlyEzf5tCmIf2KdbaVpHHi4W5QFfIa9Cc39xN2kU4tIS94RfXycCh8fCPrBmuDhEeBE9c1Tt43xB1C1Hqze7Nn92MT_esWNa1yxC0hHvO9rAo6GcKFrT_wdbEd-6W8rRh8EDgVLGVadeFrxnIj11n4QYMy8hLvMCcT8VsXyFhCh0TFjhWyL1lJ_H5z_FTVELqwbz_C3MchAk5MdpoJLdyu3-Gk-p9Wve3eEkPzro24YhZHTSfB5i1O2ceGnmrNubQCz9lgRAHElHo6Od3X0wOuVAJhvmpsfG_5h9vCggB4-TENyDSg-0cpQn95glGBXHVIr2MzM24tZVcDNtGlUhh0TKG1QgCL69MEbUXCwQegLRW4fYrWXSpp6oviv2p1ikmI6cayvl0CCO41NmFYH397Wm8p4cE4q24faPXfewf9xOE_ZbRxakd9yoQWeyFeG1Tf0qK_Nj-womfuxYVO6n_0VUdqfr-zEOEdvsVYNBszCiST7G6XFuugqEZgjRTt1cVkhA6xhkfoDK8MsfE-T-iNfdHNEguale3zvqPzWgMsd_DWkvsme1csRnUamo9zGagDVVsOhsMyhNGvxm_cf1SNlwZyjNVbU2yoUG8xehxTUGX6wLYyVMeOQxJOnYXTGpB6Fxzt1ZyE8oCEJRkXrqrqmkuS4Ap7iNDTXCv9KsCn6kAhBLejPTIx08CHfyClaMehNG9-UKT-2IIqLReHDixHL25gDapZR-TVRCmv8dGALDFXmuyZIddI2v5oaPu7HoeUfasciDLR1lOoCkxRFqKCLMicELdaOo6aY_WBhoJBT2RHqlFo9JcsniwJOBKfeAbACF6AOLXBahC0GCerFLGKI6kK1xEpJz6f-RR0ilIiMsBsGzqHj0GZ9KMcNZFOXfLZb8sh_m2xMuNgzQsVzT-Tn46MVxoVdAUuuAxi6Vo9YP_obUHheEcLpELPrPMvK2bazsNmcFVbioSWrp-1r04KjnV-cWPpRWKC3D6RkGCkfs4DDYbsNwom_jG8VCdQSZqv8iBwYAzHATROr3pKnNhYDYg70LmmDM-SSbnXXUq_CTSE1IqVvvA2AU76cHblhAa6c40ZZLG3a0jiuVq9fC3OT1epf-dlLrLKZbhn4NRX2ifYOY87g9FwFnvdG6ujWK1etR-oNEaXR9s4-cLXv3aT35td_x-ODuDF4OOLuTENhYlOpnsxUB4Hk3GvcnDedFAXEmyhEhTisJzXrAtTOWytmFVKwgas_y-wuOw-nzv0iOR9bUlQIEOy9jCboscufj0jJGtRfUsSwtLwsQvg2UZWUgO3RX_ZOzGpmaqBP1VXXTY2oPXSEjzleqLnDHRBbJHLOqL6Wge-ijpQxGCiRzihMtcrZD83okdgxwxyRIUE6c0Mm&sai=AMfl-YQGSGfdjL-Fl1mhBIaCbLbzWYTCQ_g3o3qZJDOAdtuUpHnseu1KmCwpX6cWDUem_--i7rLeEA1dy4NmYlVAghDt3R8X8GGUJtRApXalhUtrctUAdLdPs_dN_qthQ_mRJB1D9RsGsQ3bmqfCAAfvYHTorNu4R5PZHfHYmGECnJLfG2RR-4m96uajQVSCGbVTnlYC-Z4hi_csXjksblxbzbgYFUGGLfI1efLJkxPW3KkxU522KZ5P1u3xgAZlTC5xUy34&sig=Cg0ArKJSzFasY23EhSjvEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=175&cisv=r20240118.62007&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 Jan 2024 15:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 061B 179 KB
64 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e174144a938509bc98a8ceacc8ccefb03a64d02279fcc953d8728cd6a7f8f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65197
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Jan 2024 15:47:15 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/10479265507807087626/css/ Frame F402 6 KB
2 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 00:07:54 GMT
date: Mon, 15 Jan 2024 00:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame F402 70 KB
25 KB 61ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4532461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ani%2FmMhmCt0SlrFyiDSpMZOZk9ontEx2e1baE2U5Hf2ZqtpN%2FZ%2F8%2FC%2B09gyEoI0V%2BXPK2Zc6G%2BgcBpvpdshTGJjS9dzVZZmma%2BU6OG1yJU%2BJ0Jjsnk75tOncQ9fad2tFVkKF0v3ThrcfdOiEjQ9dYQI%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8490b1d4ffeb2bf1-FRA
expires: Fri, 10 Jan 2025 15:47:15 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame F402 7 KB
4 KB 62ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 921126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 09 Jan 2024 01:44:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "659c96f9-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIhlOPv1hJLXfpNaBeo50VRCyePraQjijoIIyzr%2Bd%2FX5j0aO70Qr9xZ5KhB634mgfBHLJiT0XrWumyHlZ7U21McpVmvXMz4KNCA6xxJroBwNgXr6gwSmbI07bxIVL9El2uxg5IwuYX48DxRndrREqpJM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8490b1d4ffea2bf1-FRA
expires: Fri, 10 Jan 2025 15:47:15 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame F402 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:29:32 GMT
date: Wed, 17 Jan 2024 02:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame F402 2 KB
801 B 16ms
15ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 09:41:03 GMT
date: Wed, 17 Jan 2024 09:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame F402 429 B
350 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:26:05 GMT
date: Wed, 17 Jan 2024 02:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393670
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame F402 25 KB
8 KB 14ms
14ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/dyson-v15s-submarine.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 00:07:54 GMT
date: Mon, 15 Jan 2024 00:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8356
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame F402 33 KB
33 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:12:49 GMT
date: Wed, 17 Jan 2024 02:12:49 GMT
x-content-type-options: nosniff
age: 394466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33567
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame F402 33 KB
33 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 22:25:55 GMT
date: Tue, 16 Jan 2024 22:25:55 GMT
x-content-type-options: nosniff
age: 408080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33601
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame F402 25 KB
25 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 17 Jan 2025 15:28:05 GMT
date: Thu, 18 Jan 2024 15:28:05 GMT
x-content-type-options: nosniff
age: 260350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25911
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame F402 9 KB
9 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 16:12:54 GMT
date: Tue, 16 Jan 2024 16:12:54 GMT
x-content-type-options: nosniff
age: 430461
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8971
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 5-min.jpg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame F402 12 KB
12 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/5-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 17 Jan 2025 18:16:04 GMT
date: Thu, 18 Jan 2024 18:16:04 GMT
x-content-type-options: nosniff
age: 250271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12054
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/10479265507807087626/script/ Frame F402 4 KB
960 B 14ms
13ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 20 Jan 2025 00:49:43 GMT
date: Sun, 21 Jan 2024 00:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 930
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame B2C1
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1874223/77019492/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2845463438153782&ias_chanId=1&ias_placementId=20843742424&bidurl=https://drd.com.br/&ias_...
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_gjytZdmnO6CWx_AP966o0A0&cbFunctionName=goog_wrapCb_gjytZdmnO6CWx_AP966o0A0&true_pb=

1 KB
1 KB

8ms
8ms

Script
application/javascript

2600:9000:223f:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_gjytZdmnO6CWx_AP966o0A0&cbFunctionName=goog_wrapCb_gjytZdmnO6CWx_AP966o0A0&true_pb=
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: chJzWGuhkrqyagXtH_ztVZhv7KoeCC.y
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 21:47:27 GMT
x-amz-cf-pop: FRA56-P5
age: 237589
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 11 Jan 2024 21:47:25 GMT
server: AmazonS3
etag: W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 3x5Lc52IULFL0FaJhT0V7E6fwyKjcVZ-oTUImXPgEtTCC8JMhPqnhw==

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_gjytZdmnO6CWx_AP966o0A0&cbFunctionName=goog_wrapCb_gjytZdmnO6CWx_AP966o0A0&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 7AA3 91 KB
23 KB 46ms
8ms Script
application/javascript 2600:9000:223f:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10597085
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: OvRwIrbeVsU3aoxJz_Q2Jcl4Unb6-vfeaS377OhLdtFumWzrH50hug==

GET
H2

200

activityi;dc_pre=CKPO_oTq7oMDFZzt9QIdNe8JmQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919 Show response
8019191.fls.doubleclick.net/ Frame F74F
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKPO_oTq7oMDFZzt9QIdNe8JmQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919?

2 KB
1019 B

150ms
146ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CKPO_oTq7oMDFZzt9QIdNe8JmQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919?

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

039329540d821356dd2c6691e0b09f267630808ae1ccb1eccfec53cb14e039c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 909
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:15 GMT
expires: Sun, 21 Jan 2024 15:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKPO_oTq7oMDFZzt9QIdNe8JmQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900020.redintelligence.net/ Frame 828B 7 KB
2 KB 36ms
13ms Document
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request_content.php?s=12715100096253504444550012576020&a=f812538b
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 36a09c506c816f7277a623b6cc5acb263cf51089d6493b98148e739980a8e478

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2069
Content-Type: text/html; charset=utf-8
Date: Sun, 21 Jan 2024 15:47:15 GMT
Expires: Sun, 21 Jan 2024 15:47:15 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2315 1 KB
651 B 14ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sun, 21 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A5AA 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bde0d46acb13c6d82af2b8b8c03b917cb71c554b4da86d5dbf3dbf3527084c08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD44 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:13 GMT
expires: Mon, 20 Jan 2025 15:47:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B2C1 43 B
215 B 331ms
102ms Image
image/gif 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=adf13e6d-42d5-1e33-d7f9-21ee6e9779b1&tv=%7Bc:1X25Mp,pingTime:-3,time:180,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:52%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:180,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B171~0%5D,as:%5B171~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u20RipH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1874223-77019492%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g1%7C1g2,idMap:1e*,rmeas:1,rend:0,renddet:na,siq:54%7D&br=c
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B2C1 43 B
215 B 328ms
102ms Image
image/gif 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=adf13e6d-42d5-1e33-d7f9-21ee6e9779b1&tv=%7Bc:1X25Mx,pingTime:-6,time:188,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u20RipH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1874223-77019492%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g1%7C1g2,idMap:1e*,rmeas:1,rend:0,renddet:na,siq:54%7D&tpiLookup=ao:drd.com.br*&br=c
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A5AA 54 KB
19 KB 55ms
9ms Script
application/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=12715100096253504444550012576020&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:23:26 GMT
content-encoding: gzip
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 37430
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: NrnEf_37GoxK5mH_JoEP5dK98oWtj3oelJhx20ovG0JhnELDa5tkAQ==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame A5AA 3 KB
3 KB 67ms
10ms Image
image/png 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1705852335&Signature=n4wCnI-iWe1cxMr~9ENU4DsIid3g5TznCXqYOZd78evzEfoBXjQ5wdXnAi8Eu8RtVCWUyq60M~ErTN8YH2IyXCl9fr~iKy8p6F3H9S6z0izsEnpjujd71pYMaz0NDA5R55i5W-nK2j3x2~j4WzELRiW49Y~QRQ0r6JHJlQEy3JcM7H9yFk6Vw0g2mGyBogB4jGI6zErSC7SnR9XIGzofmmz57ZCVZJAiywjdA0i-zfSPjqQ0YWUZFngpQuliSuI-c8d5Q8kWUIBYX4oQ8hC9a1wIBaEN~P-taAeRU3g0PWTkY96EaGuK3jIyhFB0hHvjvOckbqkWUBd8eY7DLavgIA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 21 Jan 2024 07:22:47 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 30271
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: Y415T12_fRN-nwqK191YiL--4WDwLXfB-B7kAcPrMG3_RReUrC6uSw==

GET
H3 200 css
fonts.googleapis.com/ Frame 828B 2 KB
434 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=12715100096253504444550012576020&a=f812538b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 15:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 13:54:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 15:47:15 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 828B 16 KB
16 KB 36ms
13ms Image
image/png 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=12715100096253504444550012576020&a=f812538b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 2abeb5026179c00580defbed40c6189eb88ccd2a0cc072f8e016164df18024d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16515
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 828B 17 KB
17 KB 37ms
13ms Image
image/png 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=12715100096253504444550012576020&a=f812538b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 2a22f2bdc718f846e14a0e7653e0b8e948c15a1e31f3f493901ee176b6ce2ea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16983
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 828B 11 KB
11 KB 37ms
14ms Image
image/png 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=12715100096253504444550012576020&a=f812538b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 686ec2d10f8d73807e1c52fc2eb04a64e929d89139c0d8882429ee6d4c7723dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10941
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CEC 50 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 02:23:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B2C1 43 B
216 B 254ms
101ms Image
image/gif 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=adf13e6d-42d5-1e33-d7f9-21ee6e9779b1&tv=%7Bc:1X25NJ,pingTime:-2,time:262,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:542,beZ:544,mfA:547,cmA:549,inA:549,inZ:554,prA:554,prZ:587,si:595,poA:597,poZ:625,cmZ:625,mfZ:625,loA:730,loZ:733,ltA:803,ltZ:803%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:52%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:262,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B253~0%5D,as:%5B253~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u20RipH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1874223-77019492%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g1%7C1g2,idMap:1e*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:54,sinceFw:205,readyFired:true%7D&br=c
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B606 129 KB
25 KB 3813ms
3734ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21622511100%2C22339781885%2Fdrd_multisize&description_url=https%3A%2F%2Fdrd.com.br%2F&tfcd=0&npa=0&sz=480x360&cust_params=Version%3D1.02%26place%3Dslider-video&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2775957206251260&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=google%2Fcodepen-demo-&mpv=1.0.0&sdki=445&ptt=20&adk=3891524929&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=7A3394A9-C684-4155-8994-5903A74078E7&nel=0&eid=44772139%2C44777649%2C44781409%2C44785453%2C44804291%2C44809548&url=https%3A%2F%2Fdrd.com.br%2F&dt=1705852035629&cookie=ID%3D326ab81127862f67%3AT%3D1705852033%3ART%3D1705852033%3AS%3DALNI_MYBI-3UVMgPsED0-AINo-MKYn-sWg&gpic=UID%3D00000d45b9dc54e6%3AT%3D1705852033%3ART%3D1705852033%3AS%3DALNI_MbB95rxvD2Dqvgcyj6a1kaCRG_nDA&scor=1634933180092996&ged=ve4_td6_tt0_pd6_la6000_er6981.632.7137.932_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb25408fece1ca5234dd9849c524da831ee276af37ca11f332c2b68bf5a0dfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24807
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0AC9 624 B
247 B 53ms
53ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUtccUN3rtuGRgD_-sZL2eGaU3LoFZhryL0U1b6s2NIc6Qo0o0Q5IdjFUNdYd-dMzVmhK3xLaez5MTo_9fSj5X2a1c_Go3njFXJ_cYQoUdoJ31mqbfDMinugJoWXP2yuobcpRWB6rXoYWv_avNQUi4ptv5RLVdNOj-6L5Pp7pD6enBQbWs

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame CD44 111 KB
39 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Origin: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame CD44 8 KB
3 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:37:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:37:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame CD44 23 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:32:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:32:08 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CD44 41 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame CD44 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 10:38:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C4C7 1 KB
651 B 23ms
22ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sun, 21 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame CD44 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD44 42 B
68 B 161ms
161ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1VN41szaTDnhUi_Xm3KvXnu5i92omQLV4WBLMq842-o9Epm_IbjDonCk24C4ZyBCMd7chdaZ6X4q15gBzDOSDoJjWrOcoZqmgXcOpm36FRW9a9-U

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CD44 0
0 29ms
26ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKBL4R2GJxT6ZfRR4D3PivKdRpsiwwRqyzqDB99lvI4XtAwH-sszV4UPlL1fqqJvUHu9OlQG9zHcS-Y6yjkaXpngNdpQ
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD44 206 KB
65 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:47:15 GMT

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame F402 8 KB
8 KB 22ms
21ms Font
font/woff 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 00:07:54 GMT
date: Mon, 15 Jan 2024 00:07:54 GMT
x-content-type-options: nosniff
age: 574761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2315 0
104 B 123ms
37ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEMhrw7bAQfQjjsQBM4rnGM&google_cver=1&google_push=AXcoOmS3SNCVX2tIAsOI6lSlBfzdTUyuc6L1CueYEjrvqZpmqf11JVhicCk0d6AVUmEdiWBG4rps_ff8oDSXjruG7g1NPpwBGdo
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2315
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJT4cw971oQHqtnobKOZaqo&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJT4cw971oQHqtnobKOZaqo&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a0JWUHoyRTgxUnJBMnY1&google_gid=CAESEJT4cw971oQHqtnobKOZaqo&google_cver=1&google_push=AXcoOmTWYWGAv_lcxHldysTuq4DscffG_i12spgLZlnMDXt...

170 B
188 B

30ms
29ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a0JWUHoyRTgxUnJBMnY1&google_gid=CAESEJT4cw971oQHqtnobKOZaqo&google_cver=1&google_push=AXcoOmTWYWGAv_lcxHldysTuq4DscffG_i12spgLZlnMDXttZkVsmBIX8XoZtpwTweWglbDKtfVTTJqEmzMKgT-bknwMssQQofH4

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 15:47:14 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-0414fa71e87322d9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a0JWUHoyRTgxUnJBMnY1&google_gid=CAESEJT4cw971oQHqtnobKOZaqo&google_cver=1&google_push=AXcoOmTWYWGAv_lcxHldysTuq4DscffG_i12spgLZlnMDXttZkVsmBIX8XoZtpwTweWglbDKtfVTTJqEmzMKgT-bknwMssQQofH4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2315 0
187 B 90ms
19ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOFEX5_uJw-zX5af_yh-ufs&google_cver=1&google_push=AXcoOmTVsFC55KVGGQONhrn-Rq4II5GWREFztNNB_XuGROPxA90a87oWOJ-flL_F1aCoqHtLREeNw0QF78ZGBKJsTX1hzIDlB_wE
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2315
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEF-QV8TOlw7EHDaaIZtGePw&google_cver=1&google_push=AXcoOmTyjHfUaCTsBEOHMDvqwXep2kBsVT97IVQ4eRyqq18gAGy0Owziw4MQy4yYNO4UUQgArBmc9ZNT-W6...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTyjHfUaCTsBEOHMDvqwXep2kBsVT97IVQ4eRyqq18gAGy0Owziw4MQy4yYNO4UUQgArBmc9ZNT-W6pEzkduwzwj7ZEdXUK&google_hm=2KAWuBwQRsOIj6meCO1qn_g

170 B
188 B

25ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTyjHfUaCTsBEOHMDvqwXep2kBsVT97IVQ4eRyqq18gAGy0Owziw4MQy4yYNO4UUQgArBmc9ZNT-W6pEzkduwzwj7ZEdXUK&google_hm=2KAWuBwQRsOIj6meCO1qn_g

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTyjHfUaCTsBEOHMDvqwXep2kBsVT97IVQ4eRyqq18gAGy0Owziw4MQy4yYNO4UUQgArBmc9ZNT-W6pEzkduwzwj7ZEdXUK&google_hm=2KAWuBwQRsOIj6meCO1qn_g
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2315
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMWAofKcdorajWg60gy8bgo&google_cver=1&google_push=AXcoOmS2cPhJPwjV_l5x3_kHYyLHHR7d6aJXOGrHASISFS1jDdL16fH--Mun20UUzCdJy4FWtlb3W6bWPM0Mbdls...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=G9Nryq7hRJwYNJ0Bjbplkw&google_push=AXcoOmS2cPhJPwjV_l5x3_kHYyLHHR7d6aJXOGrHASISFS1jDdL16fH--Mun20UUzCdJy4FWtlb3W6bWPM0MbdlsFFjGkNga6fzI

170 B
188 B

29ms
28ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=G9Nryq7hRJwYNJ0Bjbplkw&google_push=AXcoOmS2cPhJPwjV_l5x3_kHYyLHHR7d6aJXOGrHASISFS1jDdL16fH--Mun20UUzCdJy4FWtlb3W6bWPM0MbdlsFFjGkNga6fzI

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 15:47:15 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=G9Nryq7hRJwYNJ0Bjbplkw&google_push=AXcoOmS2cPhJPwjV_l5x3_kHYyLHHR7d6aJXOGrHASISFS1jDdL16fH--Mun20UUzCdJy4FWtlb3W6bWPM0MbdlsFFjGkNga6fzI
x-host: tde-deliveryengine-production-5db7bf8975-l85ll
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2315
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBh5p8hQro5PxYAGj1hTS8Q&google_cver=1&google_push=AXcoOmTniiKYeBTF01XzNtGXlPVR5jcqa9hF_iV47Q9w5bdKTJC6RM-3ZwLNVpRPtRm9AnClxEDGmWGfkKL7j6HNT...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBh5p8hQro5PxYAGj1hTS8Q&google_cver=1&google_push=AXcoOmTniiKYeBTF01XzNtGXlPVR5jcqa9hF_iV47Q9w5bdKTJC6RM-3ZwLNVpRPtRm9AnClxEDGmWGfkKL7j6HNT...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTniiKYeBTF01XzNtGXlPVR5jcqa9hF_iV47Q9w5bdKTJC6RM-3ZwLNVpRPtRm9AnClxEDGmWGfkKL7j6HNTH7F6nkiA1YU&google_hm=IB3TqGZHGmva9lx3QKKxyjfv

170 B
188 B

25ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTniiKYeBTF01XzNtGXlPVR5jcqa9hF_iV47Q9w5bdKTJC6RM-3ZwLNVpRPtRm9AnClxEDGmWGfkKL7j6HNTH7F6nkiA1YU&google_hm=IB3TqGZHGmva9lx3QKKxyjfv

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 21 Jan 2024 15:47:15 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTniiKYeBTF01XzNtGXlPVR5jcqa9hF_iV47Q9w5bdKTJC6RM-3ZwLNVpRPtRm9AnClxEDGmWGfkKL7j6HNTH7F6nkiA1YU&google_hm=IB3TqGZHGmva9lx3QKKxyjfv
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2315
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ace0fe0d-94ce-492d-99fd-4244e6f87686&google_cver=1&google_gid=CAESEG8UrU84oJzw4PXdgCRnKGY&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

25ms
25ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ace0fe0d-94ce-492d-99fd-4244e6f87686&google_cver=1&google_gid=CAESEG8UrU84oJzw4PXdgCRnKGY&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmS3TcA5DHS2Pdi1SLGkyOKJjvl-rhV9PlLZS_nNtmmV64XqmfGe-FXXaAjHc6PW2ujoXW9z7oHKrz0EeYx4xR50ecpO_BWUvw&gdpr=${GDPR}

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ace0fe0d-94ce-492d-99fd-4244e6f87686&google_cver=1&google_gid=CAESEG8UrU84oJzw4PXdgCRnKGY&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmS3TcA5DHS2Pdi1SLGkyOKJjvl-rhV9PlLZS_nNtmmV64XqmfGe-FXXaAjHc6PW2ujoXW9z7oHKrz0EeYx4xR50ecpO_BWUvw&gdpr=${GDPR}
date: Sun, 21 Jan 2024 15:47:15 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2315 0
12 B 27ms
21ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9pRmk4x396pXHNQiB3iMtOWrUG14aMKYNIu9QT-bSckbjkxd9qV7Sq0Bzm-AHwZLLuKl8eQ

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 061B 276 KB
91 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

394efc1c2670690e65342b4a5435d8e5af40e0532277095971e1cb3e97197855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93265
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jan 2024 15:47:15 GMT

GET
H/1.1 200
OK viewability Show response
hal900020.redintelligence.net/ Frame 828B 0
150 B 47ms
24ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/viewability?s=12715100096253504444550012576020&a=3884cea9&vb=m
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=12715100096253504444550012576020&a=f812538b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/request_content.php?s=12715100096253504444550012576020&a=f812538b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 15:47:15 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B2C1 0
0 48ms
47ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6bTQF_OVnXPg9BhlyEzf5tCmIf2KdbaVpHHi4W5QFfIa9Cc39xN2kU4tIS94RfXycCh8fCPrBmuDhEeBE9c1Tt43xB1C1Hqze7Nn92MT_esWNa1yxC0hHvO9rAo6GcKFrT_wdbEd-6W8rRh8EDgVLGVadeFrxnIj11n4QYMy8hLvMCcT8VsXyFhCh0TFjhWyL1lJ_H5z_FTVELqwbz_C3MchAk5MdpoJLdyu3-Gk-p9Wve3eEkPzro24YhZHTSfB5i1O2ceGnmrNubQCz9lgRAHElHo6Od3X0wOuVAJhvmpsfG_5h9vCggB4-TENyDSg-0cpQn95glGBXHVIr2MzM24tZVcDNtGlUhh0TKG1QgCL69MEbUXCwQegLRW4fYrWXSpp6oviv2p1ikmI6cayvl0CCO41NmFYH397Wm8p4cE4q24faPXfewf9xOE_ZbRxakd9yoQWeyFeG1Tf0qK_Nj-womfuxYVO6n_0VUdqfr-zEOEdvsVYNBszCiST7G6XFuugqEZgjRTt1cVkhA6xhkfoDK8MsfE-T-iNfdHNEguale3zvqPzWgMsd_DWkvsme1csRnUamo9zGagDVVsOhsMyhNGvxm_cf1SNlwZyjNVbU2yoUG8xehxTUGX6wLYyVMeOQxJOnYXTGpB6Fxzt1ZyE8oCEJRkXrqrqmkuS4Ap7iNDTXCv9KsCn6kAhBLejPTIx08CHfyClaMehNG9-UKT-2IIqLReHDixHL25gDapZR-TVRCmv8dGALDFXmuyZIddI2v5oaPu7HoeUfasciDLR1lOoCkxRFqKCLMicELdaOo6aY_WBhoJBT2RHqlFo9JcsniwJOBKfeAbACF6AOLXBahC0GCerFLGKI6kK1xEpJz6f-RR0ilIiMsBsGzqHj0GZ9KMcNZFOXfLZb8sh_m2xMuNgzQsVzT-Tn46MVxoVdAUuuAxi6Vo9YP_obUHheEcLpELPrPMvK2bazsNmcFVbioSWrp-1r04KjnV-cWPpRWKC3D6RkGCkfs4DDYbsNwom_jG8VCdQSZqv8iBwYAzHATROr3pKnNhYDYg70LmmDM-SSbnXXUq_CTSE1IqVvvA2AU76cHblhAa6c40ZZLG3a0jiuVq9fC3OT1epf-dlLrLKZbhn4NRX2ifYOY87g9FwFnvdG6ujWK1etR-oNEaXR9s4-cLXv3aT35td_x-ODuDF4OOLuTENhYlOpnsxUB4Hk3GvcnDedFAXEmyhEhTisJzXrAtTOWytmFVKwgas_y-wuOw-nzv0iOR9bUlQIEOy9jCboscufj0jJGtRfUsSwtLwsQvg2UZWUgO3RX_ZOzGpmaqBP1VXXTY2oPXSEjzleqLnDHRBbJHLOqL6Wge-ijpQxGCiRzihMtcrZD83okdgxwxyRIUE6c0Mm&sai=AMfl-YQGSGfdjL-Fl1mhBIaCbLbzWYTCQ_g3o3qZJDOAdtuUpHnseu1KmCwpX6cWDUem_--i7rLeEA1dy4NmYlVAghDt3R8X8GGUJtRApXalhUtrctUAdLdPs_dN_qthQ_mRJB1D9RsGsQ3bmqfCAAfvYHTorNu4R5PZHfHYmGECnJLfG2RR-4m96uajQVSCGbVTnlYC-Z4hi_csXjksblxbzbgYFUGGLfI1efLJkxPW3KkxU522KZ5P1u3xgAZlTC5xUy34&sig=Cg0ArKJSzFasY23EhSjvEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=695&vt=11&dtpt=516&dett=3&cstd=175&cisv=r20240118.62007&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0AC9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlKZeDJbezBzEn2Man0Q0s&google_cver=1

43 B
736 B

25ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlKZeDJbezBzEn2Man0Q0s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUtccUN3rtuGRgD_-sZL2eGaU3LoFZhryL0U1b6s2NIc6Qo0o0Q5IdjFUNdYd-dMzVmhK3xLaez5MTo_9fSj5X2a1c_Go3njFXJ_cYQoUdoJ31mqbfDMinugJoWXP2yuobcpRWB6rXoYWv_avNQUi4ptv5RLVdNOj-6L5Pp7pD6enBQbWs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5o2fb1X%2F1SPwBSQ28pY%2B1e7wynbnBAoSvnoLqQlN2QNlOa1t%2BUcR%2BEg9KndHNStqTzhja7dnGmnqmS8W6mQ3MxgaB%2Ffr%2FFRtnUfrJbT6oBSVNSI9%2B18y4LsQYRoOes346AMYXEaK8b745w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8490b1d7bac69231-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlKZeDJbezBzEn2Man0Q0s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0AC9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za08ggqMs65YwVkv8aYhPwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlKZeDJbezBzEn2Man0Q0s&google_cver=1

43 B
739 B

23ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlKZeDJbezBzEn2Man0Q0s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUtccUN3rtuGRgD_-sZL2eGaU3LoFZhryL0U1b6s2NIc6Qo0o0Q5IdjFUNdYd-dMzVmhK3xLaez5MTo_9fSj5X2a1c_Go3njFXJ_cYQoUdoJ31mqbfDMinugJoWXP2yuobcpRWB6rXoYWv_avNQUi4ptv5RLVdNOj-6L5Pp7pD6enBQbWs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvYhWAxjgYmD8f%2BH7cfbwJChUWX0U3b7cpPbBBjnye5Zb2BC9nkyG2%2BmLNnD2MQWiNau9%2BGIkDDTzEI%2F%2BuU%2F8vC8GJYTkEh9HCA0C3E%2FC987vrGru%2F1DiAi5fapG8XcCra9RyAeKuYRQVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8490b1d85b5b9231-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlKZeDJbezBzEn2Man0Q0s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0AC9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENfMFJiJ_fkt3SvJJzj0XjY&google_cver=1

43 B
1007 B

15ms
14ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENfMFJiJ_fkt3SvJJzj0XjY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUtccUN3rtuGRgD_-sZL2eGaU3LoFZhryL0U1b6s2NIc6Qo0o0Q5IdjFUNdYd-dMzVmhK3xLaez5MTo_9fSj5X2a1c_Go3njFXJ_cYQoUdoJ31mqbfDMinugJoWXP2yuobcpRWB6rXoYWv_avNQUi4ptv5RLVdNOj-6L5Pp7pD6enBQbWs

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
an-x-request-uuid: 9b5b4be5-59f0-45b6-9c5f-370e90f3a2fc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENfMFJiJ_fkt3SvJJzj0XjY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0AC9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D

170 B
188 B

25ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
an-x-request-uuid: 992a4609-a08c-4c62-866b-bb5fe8604ff0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D
x-proxy-origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/915966008651415552/ Frame ABB2 87 KB
18 KB 15ms
15ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e86f0a0524c3fb3e98d533eb9e2f80e1239344aebaa34565a2f42a47332e0b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 159585
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18594
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 19:27:30 GMT
expires: Sat, 18 Jan 2025 19:27:30 GMT
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame CD44 0
0 57ms
55ms Fetch
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjste1vlTqkUjRRh3IH2V6-d8ioCWdgFAsXAyohi6azLEehQcnUr-BhR3r1p6rbChFUgtP61lTbWEMGGRyElHtWegUjq89uUsNQEeZeJX7_G8-yiPuU42-YJCTpLx8-yZRmh_ovOdpb_HsXwy7Z0vL-zms0D42L6xL1EiCsgWqlF7QfKuTnrgbB7ZH_fc1ELYMiWBZ7medj4woSOe8XisZo1w32qhfTxhW0zlmh8ebHweeliA9UR7XAjRrmgEKLDHCxbVcNTaYUJKTpM0Mb4LFh1GKapnT-mPsD4F4bzd3wuK2NOSMKc5uyOqAnyiXjJRordmufRTbSuvSiOlCB-FCgJHT-SiT_kYcKhv1H4Yml5uAAd13cg0ety2HeOaEur3QudbvvYJGHMOX6jleqSnly6sazgENwtZWD-h4g_KlMUuxCeO4Zlu66OWMIvdsmaldfaHnIgxLjTjnH-jQEff8DDppA5lkMDpJxDvbi_9j2I-d9aOh8Cf85QZzcmjm4YIcrbohwd0Xc9ycqoEA6uy3nmCij2j84Ae60LfgkoCEYpiynOPZgdWxCltAs1Zsq1MiuVgVFGPPJFZWAfySZ6DL96UwBdwvHM83dtv4LZLqHdK4gwox1YrByUWigrft_A7zptGade2ecxZkt0DjjHOEaSlQ_3dNnM0Ei2P-OIuouWnfL1_xsXczzOOWjReoJCqOWOqe7xpCP4y730tEQyuM4QqFZexez8uj8usvczs-x3N79v-BNpqiUmanpM0y58H7zYieNvJAnsYFobr5sbVbEOFHMO881XKZ3t-lN-Wy3k6X7a98HxAdTkaHySX85FpW8vgZCUbKbgFRIgDCL_8GiuLDzPENQZl7gzt6sZVO6SRhqj6taI2Kg92z_rwH-ZT_MR6H5dbew3cBxYIspBY8dSuW9LkfoUnJZVx4ITXQvPT3HOD5K49csMnG8c3DHdha3AwCEZ6q0nCWSKMw_Pg8Q-36rEld3oXSenrU2ezWehC3enrzhmKSYNujKeVzexXTEqUwdhQdJ_P8FsuIEz6GQbEUI1FNLrTk8IxVqnqIBsGatcnbGRfLJU4We88I2BKXkh7wbEkzk2R4L4zfsCnPNoO2NOcomVz6xCeGPpK7wx5cLfBW7wCoogYfZERI3LuSJdp3O3ls4dX-0mKBNOgTSyKfnttQk1DDsSmwamw5ZFZZGWl6NNvVX8x4TdAceoRY1TM00N3TuACUWrAq5sNPC98Q16nQBuKs0EdMURD6OcS8bXb5VG6zDQkjb_BFuqjilG3isapF0S94oPGonbzVQ-0pXuA7lfdiPnNx_MJeG2LkHq_YiaQZ0YuNMaXayCF8E_apT99xmVMRDtD8HGU3TUS1DFoK-0yKqmTtBRIH0xQJmEpYeuWCS6kJfLNcxmUdhw&sai=AMfl-YS2R0RCAwys1lSkHyDz3tkr8O7m4MB7gKppC3R7pZ4K7LHMOECO1RoC8gA6fLe-57VjiJdm25C5PebqQoGvMH8-e3IuAj2fM2aULojuhZTyw4gsR2McO4KNp4WPe1R6741q1oe9s_aT-qliH_Vd6qwCqEyi-2izrtp5F76woCaBFX6FkA-FHpENDLGMklX0scUoD4qwURdftVyHmgNmLXGKY1__2BoD7zpCtr3nTPY8q9Hw-V-narQQdUDHUMMr-2FGa4GMnA-NOL9C0hWVa3Ow-l4xpExEg5QicEaKc37XHtkE9meK782Ql3hp9iXzEudShwVW0DEeOiTtMv1MALXq4zqU_eqqBDyrWoBx906KHySGeG_gs4LvlzZ1NKXov0KaE4kU4Ifjvj8e4YcMo6o3O3hXLxSeb0o0cxO8PxAZ&sig=Cg0ArKJSzCG_2M5VHGAKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=125&cbvp=1&cstd=124&cisv=r20240118.66332&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 Jan 2024 15:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame C4C7 0
103 B 34ms
31ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC0CPeXN7ORjZytXFvr-aBo&google_cver=1&google_push=AXcoOmTLDGMPpvvILyAYQiuQbqJ2KmVSNGDCeg4a2Xe-UmGIVbQMYlHvnR6yX6ZT31A4MTyRREqizjypetzZyuRa8HRJNVrJxeQe
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C4C7 0
166 B 91ms
21ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOupjgVa9_3wabA0xB-oA58&google_cver=1&google_push=AXcoOmT1X3wCrKwczi3goZejdeiXNssl3J_p5VEjQZhJsxXy8SWYti1vDc3OlGr1K5MPeLrRycOtIlQ_5dlIvWEPXV6aMTG-gHYheg
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 21 Jan 2024 15:47:14 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4C7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFHuunQS87xJ-OQbZq4tSEs&google_cver=1&google_push=AXcoOmTWUMZjAHffP-GZ-zaJXnwvxevDQxUfU1hVeB2Lt5FGOW2aCRuwgnktwAKG1dXMpbgqqg1...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOTzlBVU0tMUotNkM2MA==&google_push=AXcoOmTWUMZjAHffP-GZ-zaJXnwvxevDQxUfU1hVeB2Lt5FGOW2aCRuwgnktwAKG1dXMpbgqqg1EkU0mYjq9SZIyPGjJ-zzwdWQXTg

170 B
188 B

25ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOTzlBVU0tMUotNkM2MA==&google_push=AXcoOmTWUMZjAHffP-GZ-zaJXnwvxevDQxUfU1hVeB2Lt5FGOW2aCRuwgnktwAKG1dXMpbgqqg1EkU0mYjq9SZIyPGjJ-zzwdWQXTg

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOTzlBVU0tMUotNkM2MA==&google_push=AXcoOmTWUMZjAHffP-GZ-zaJXnwvxevDQxUfU1hVeB2Lt5FGOW2aCRuwgnktwAKG1dXMpbgqqg1EkU0mYjq9SZIyPGjJ-zzwdWQXTg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame C4C7 43 B
198 B 32ms
30ms Image
image/gif 54.220.183.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEAeVBp47X_BRSKSCYVneyQk&google_cver=1&google_push=AXcoOmRDCTUEOT5j9C9kAtK-mUL2pRmTcJK-23we7yeBcXCDUs8xUlxD2b3Zgn_v0x6P82wWVAq5CdBosw18dsXDq3rTNXGMqSFYyg
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.220.183.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-183-228.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 15:47:15 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame C4C7 0
45 B 397ms
20ms Image
text/plain 5.196.111.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPJsi8CP8CZ9I9BhIv7Q5sY&google_cver=1&google_push=AXcoOmRQ7BY_ux235t4ung9MxhM8ZRoIQ4UMdeIe8-R3ZzdBbhXOTOaryndj-P1PvelyN2CAQ-Zmyzq1gGMdpd11bnpnfM4_eCI_CA
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.69 Lille, France, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4C7
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFkX5xqn4RouyGOawFB4xBU&google_cver=1&google_push=AXcoOmQxxpu4nVjDa...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D&google_gid=CAESEFkX5xqn4RouyGOawFB4xBU&google_cver=1&google_push=AXcoOmQxxpu4nVjDaQangIbyCAEmmm3eve...

170 B
188 B

26ms
26ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D&google_gid=CAESEFkX5xqn4RouyGOawFB4xBU&google_cver=1&google_push=AXcoOmQxxpu4nVjDaQangIbyCAEmmm3eve305p8tVAidMjFTeq6EoXYFw-4snL3y2wSLXubJYFl9UegoyZFYPfr1NbLTzZvNJOFUVqk

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:15 GMT
an-x-request-uuid: bad8c269-9c28-428e-a594-b175260c1c7a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTUxNTU5MTA4MDMzNjI5MDU4NA%3D%3D&google_gid=CAESEFkX5xqn4RouyGOawFB4xBU&google_cver=1&google_push=AXcoOmQxxpu4nVjDaQangIbyCAEmmm3eve305p8tVAidMjFTeq6EoXYFw-4snL3y2wSLXubJYFl9UegoyZFYPfr1NbLTzZvNJOFUVqk
x-proxy-origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame C4C7 43 B
146 B 434ms
10ms Image
image/gif 3.124.237.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEH04OZSNZV9mSZOWVPZvQGo&google_cver=1&google_push=AXcoOmTYh6IOeCF7OZGwYH7nNZI3QX_0E9qNYM6d5NRw19uEYDk9dStJobQZ4BZ2wlJv32x8UAYfIMnQMrGfm3t-evtmrkiJ5lYd-g
Requested by: Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.237.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-237-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C4C7 0
12 B 22ms
22ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lraqtc4OlYdCU6Rm7kxgG6NkAj06ZXUvIUShQm5wma0kwMx9d4_GhXL7LxL9nfd4kMiEi1w54

Requested by

Host: d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
URL: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame CD44 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9e56c24b9e99da56047a6edadd88241d6923a6d7122ee75a080fc30536f58fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6917 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 413587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CKPO_oTq7oMDFZzt9QIdNe8JmQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919
adservice.google.com/ddm/fls/z/ Frame F74F 42 B
401 B 217ms
169ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKPO_oTq7oMDFZzt9QIdNe8JmQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKPO_oTq7oMDFZzt9QIdNe8JmQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8767509871324.919?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04K...
ad.doubleclick.net/ddm/activity/ Frame F74F 0
22 B 166ms
166ms Image
image/png 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAyNDgwMjQzODI2ODcyNzA1ODgxCmN0Y19jb252ZXJzaW9uX2J1Y2tldDogMQphcmNoZXR5cGVfaWQ6IDEKYXJjaGV0eXBlX2lkOiAzCmFyY2hldHlwZV9pZDogNAphcmNoZXR5cGVfaWQ6IDUKYXJjaGV0eXBlX2lkOiA2CmFyY2hldHlwZV9pZDogNwphcmNoZXR5cGVfaWQ6IDgKYXJjaGV0eXBlX2lkOiA5CmFyY2hldHlwZV9pZDogMTAKYXJjaGV0eXBlX2lkOiAxMQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFyY2hldHlwZV9pZDogMTYKYXJjaGV0eXBlX2lkOiAxNwphcmNoZXR5cGVfaWQ6IDE4CmFyY2hldHlwZV9pZDogMTkKYXJjaGV0eXBlX2lkOiAyMAphcmNoZXR5cGVfaWQ6IDIxCmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQUNUSVZJVFlfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDYwMzkwMDEKICB9Cn0KY29udmVyc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogQ09OVkVSU0lPTl9ESU1FTlNJT05fQ09OVkVSU0lPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMjEiCiAgfQp9CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA1NzA0MjUzNDQKZ2NsaWQ6ICIiCnRyaWdnZXJfZGVkdXBsaWNhdGlvbl9rZXk6IDE1NDEzNjEyMTQzMjcxMzcwOTk3Cg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:16 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"15413612143271370997"}],"aggregatable_trigger_data":[{"filters":{"14":["6039001"]},"key_piece":"0x5905389b71f24d3d","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xa902bc25dee0c017","not_filters":{"14":["6039001"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6039001"]},"key_piece":"0xd57a20a6d237f0ea","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x145ddd970ea7b7eb","not_filters":{"14":["6039001"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"2480243826872705881","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15413612143271370997","filters":{"14":["6039001"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"15413612143271370997","filters":{"14":["6039001"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"15413612143271370997","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"15413612143271370997","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8019191"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame ABB2 70 KB
25 KB 29ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4451234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25280
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-62c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BW6p9Z4uEZY%2FtQlzZh805kv2%2F1JxEImiqVKgqhRrLo%2BxhnFGcoStOJ7JW0hfE3WJCerrq0kRap%2BaeYlshf630xJmNX2kpKiSe1mODmJxeRnToJ2cQyqwr954HVzRLiV8Vnin7Vy52aYPWdAFeiWZW%2BL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8490b1d8eb8d30ed-FRA
expires: Fri, 10 Jan 2025 15:47:15 GMT

GET
H3 200 CSSRulePlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame ABB2 2 KB
1 KB 39ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3365880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 821
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmX5a48CISlF0ceBUvKBArgHWmjZZ4k6vht8y8fOs1gjnwW6wa6zY9cR09mC7hXJGJCx%2BODD0VnfvwKpecpdfi40HwtyEkgnAeaV5u4oCnc7XOhPHnX2BFE2M8Zo1PkYAG02u40S8WvWOgN5h0gewt0H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8490b1d8eb9330ed-FRA
expires: Fri, 10 Jan 2025 15:47:16 GMT

GET
H3 200 13dc9848.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 669 B
435 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/13dc9848.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4d968df7.jpg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 36 KB
36 KB 20ms
16ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/4d968df7.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67da98923e0202fdb1531f6d788ff4c85b696db4e87fbc1711769a2fdd79c071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
x-content-type-options: nosniff
age: 380827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36931
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 925934db.jpg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 25 KB
25 KB 24ms
19ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/925934db.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e1c4c7350feb68bef34a3bfe27712366db8ced582e51b85f934568d87848826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 20:42:54 GMT
date: Tue, 16 Jan 2024 20:42:54 GMT
x-content-type-options: nosniff
age: 414261
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25536
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d357c4fb.jpg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 42 KB
42 KB 34ms
30ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/d357c4fb.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc14bcc45ee7406a2aa6a28f7158443230ec0d48d3bc6b1d6707e98ea68204a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
x-content-type-options: nosniff
age: 380827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42994
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4332eb45.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 5 KB
2 KB 38ms
34ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/4332eb45.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2343
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f378cfc5.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 5 KB
2 KB 31ms
28ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/f378cfc5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2433
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 31152810.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 302 B
273 B 37ms
34ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/31152810.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 aef85528.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 2 KB
3 KB 33ms
29ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/aef85528.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6e3fd75e470cd50759b897eab984da9b5cafeda028be8eba2e779e41df6d818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
x-content-type-options: nosniff
age: 380827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2559
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 083066d0.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 4 KB
4 KB 30ms
26ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/083066d0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

185ee6c604469276f38fddfd5ec30d536bc7d1ec539289d947184abc8e6226b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 17:43:37 GMT
date: Tue, 16 Jan 2024 17:43:37 GMT
x-content-type-options: nosniff
age: 425018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4267
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 e8339025.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 2 KB
2 KB 32ms
28ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/e8339025.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

544d408eda70d8e8e0fd9a5545da5cd334699f0dc0323df9433d2fba23abdb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 17 Jan 2025 11:17:36 GMT
date: Thu, 18 Jan 2024 11:17:36 GMT
x-content-type-options: nosniff
age: 275379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1890
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 41374161.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 3 KB
3 KB 27ms
24ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/41374161.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

206efabc5087f2c77692b82b7be8c386d62d4030e6274934b97158d2e0fc3d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 20:30:27 GMT
date: Tue, 16 Jan 2024 20:30:27 GMT
x-content-type-options: nosniff
age: 415008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3284
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 5e0da0d6.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 2 KB
2 KB 37ms
34ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/5e0da0d6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f26944bb0a49105870ed138904641479bf78b09126c60f19be224f02c07eb89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
x-content-type-options: nosniff
age: 380828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1579
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 a32ff691.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 3 KB
3 KB 28ms
25ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/a32ff691.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053fc6fcd14cf8117c1262ce3601b7922eab00187ee6a3ad05cf77ced1e144bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 20:06:30 GMT
date: Wed, 17 Jan 2024 20:06:30 GMT
x-content-type-options: nosniff
age: 330045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3153
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d3ce6798.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 820 B
507 B 26ms
23ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/d3ce6798.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1147abdf.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 769 B
441 B 42ms
39ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/1147abdf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 0f373144.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 1 KB
1 KB 42ms
40ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/0f373144.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 16:24:51 GMT
date: Wed, 17 Jan 2024 16:24:51 GMT
x-content-type-options: nosniff
age: 343345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c8840ccb.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 3 KB
3 KB 43ms
40ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/c8840ccb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 13:34:24 GMT
date: Wed, 17 Jan 2024 13:34:24 GMT
x-content-type-options: nosniff
age: 353572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 04c2b1b2.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 3 KB
3 KB 37ms
34ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/04c2b1b2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4537461f441a3efc94cd109d0778ec4167ab27d45ae7b3b3a16ca6bd1f8a5d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 17:43:37 GMT
date: Tue, 16 Jan 2024 17:43:37 GMT
x-content-type-options: nosniff
age: 425019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3118
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 03ff1f4d.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 5 KB
5 KB 41ms
38ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/03ff1f4d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f9559aa325d9cd7b03b11455ab23d2c0a40cc8bcc9a587db57dc967bb90ab52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 06:00:08 GMT
date: Wed, 17 Jan 2024 06:00:08 GMT
x-content-type-options: nosniff
age: 380828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5559
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4e2e399c.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 15 KB
15 KB 39ms
36ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/4e2e399c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7206b90765eb10db48bbf9957d0ac0bc36b251354b5d196af83bd1a766713124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 17:27:36 GMT
date: Tue, 16 Jan 2024 17:27:36 GMT
x-content-type-options: nosniff
age: 425980
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15167
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6b6f69c1.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame ABB2 32 KB
32 KB 37ms
34ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/915966008651415552/images/6b6f69c1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69b0bfc7061b97ed7930edb3b4fbc57da801322b7e62eb7f595c128d052edd46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 19:27:32 GMT
date: Fri, 19 Jan 2024 19:27:32 GMT
x-content-type-options: nosniff
age: 159584
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32884
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B2C1 43 B
215 B 102ms
102ms Image
image/gif 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=adf13e6d-42d5-1e33-d7f9-21ee6e9779b1&tv=%7Bc:1X25VV,pingTime:-10,time:770,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705852036123%7C%7C3c1842402b2b88bb5b7bb3baccab2b33%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C49259e95907fbe3ddadabff4fa6a78c9%7C%7C89722580e7bc6d2262298da4505b8152%7C%7C079af46cd1fdfcf27cbef84e9c8bb8ce%7C%7C6453408e81f67849e04d0283224a4b56%7C%7C999d96cd40e11cb8e48ee8f19a8e37bd%7C%7C1663701684,im:%7Bpci:%7Btdr:333%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:16 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6917 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 12:30:21 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B2C1 42 B
174 B 172ms
171ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssukV1f1_ZQYCaPdbj7nRS5SiOqR68tqW1KNeozswgpHSwkyLNXq8BhlFXIC4FUWnh8B_3O9FSuG9SLu6hw1noL8Aw4RtpJlhUy8-BjU6vV6e2sd1LveTZUWiUlhpe9Qr5v29YxKIWzAZzqHQJEp2m5-kdf&sai=AMfl-YQOIe25uEJlfIX1BmRYMtKZPgyfK7VoaZmeWi2i-O-acroKiIcVJr3Q1TeDaFi6FLa3m7o2WmTpunD-hdPbV6cp2MRFBcgcPKxbKpWnwPv8c1AwTZmmHaS6i78&sig=Cg0ArKJSzEhFCYR-j6_NEAE&cid=CAQSOwAvHhf_dKTRuof1iZ3n2nJ7rShIc1EvjMkzuf99jUMI1Bdw6aEOi-QnEzJV-wbZTcMRvwZLDJZ6VwhYGAE&id=lidar2&mcvt=1040&p=1110,436,1200,1164&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=271554863&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705852034811&rpt=268&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame CD44 0
0 49ms
49ms Fetch
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjste1vlTqkUjRRh3IH2V6-d8ioCWdgFAsXAyohi6azLEehQcnUr-BhR3r1p6rbChFUgtP61lTbWEMGGRyElHtWegUjq89uUsNQEeZeJX7_G8-yiPuU42-YJCTpLx8-yZRmh_ovOdpb_HsXwy7Z0vL-zms0D42L6xL1EiCsgWqlF7QfKuTnrgbB7ZH_fc1ELYMiWBZ7medj4woSOe8XisZo1w32qhfTxhW0zlmh8ebHweeliA9UR7XAjRrmgEKLDHCxbVcNTaYUJKTpM0Mb4LFh1GKapnT-mPsD4F4bzd3wuK2NOSMKc5uyOqAnyiXjJRordmufRTbSuvSiOlCB-FCgJHT-SiT_kYcKhv1H4Yml5uAAd13cg0ety2HeOaEur3QudbvvYJGHMOX6jleqSnly6sazgENwtZWD-h4g_KlMUuxCeO4Zlu66OWMIvdsmaldfaHnIgxLjTjnH-jQEff8DDppA5lkMDpJxDvbi_9j2I-d9aOh8Cf85QZzcmjm4YIcrbohwd0Xc9ycqoEA6uy3nmCij2j84Ae60LfgkoCEYpiynOPZgdWxCltAs1Zsq1MiuVgVFGPPJFZWAfySZ6DL96UwBdwvHM83dtv4LZLqHdK4gwox1YrByUWigrft_A7zptGade2ecxZkt0DjjHOEaSlQ_3dNnM0Ei2P-OIuouWnfL1_xsXczzOOWjReoJCqOWOqe7xpCP4y730tEQyuM4QqFZexez8uj8usvczs-x3N79v-BNpqiUmanpM0y58H7zYieNvJAnsYFobr5sbVbEOFHMO881XKZ3t-lN-Wy3k6X7a98HxAdTkaHySX85FpW8vgZCUbKbgFRIgDCL_8GiuLDzPENQZl7gzt6sZVO6SRhqj6taI2Kg92z_rwH-ZT_MR6H5dbew3cBxYIspBY8dSuW9LkfoUnJZVx4ITXQvPT3HOD5K49csMnG8c3DHdha3AwCEZ6q0nCWSKMw_Pg8Q-36rEld3oXSenrU2ezWehC3enrzhmKSYNujKeVzexXTEqUwdhQdJ_P8FsuIEz6GQbEUI1FNLrTk8IxVqnqIBsGatcnbGRfLJU4We88I2BKXkh7wbEkzk2R4L4zfsCnPNoO2NOcomVz6xCeGPpK7wx5cLfBW7wCoogYfZERI3LuSJdp3O3ls4dX-0mKBNOgTSyKfnttQk1DDsSmwamw5ZFZZGWl6NNvVX8x4TdAceoRY1TM00N3TuACUWrAq5sNPC98Q16nQBuKs0EdMURD6OcS8bXb5VG6zDQkjb_BFuqjilG3isapF0S94oPGonbzVQ-0pXuA7lfdiPnNx_MJeG2LkHq_YiaQZ0YuNMaXayCF8E_apT99xmVMRDtD8HGU3TUS1DFoK-0yKqmTtBRIH0xQJmEpYeuWCS6kJfLNcxmUdhw&sai=AMfl-YS2R0RCAwys1lSkHyDz3tkr8O7m4MB7gKppC3R7pZ4K7LHMOECO1RoC8gA6fLe-57VjiJdm25C5PebqQoGvMH8-e3IuAj2fM2aULojuhZTyw4gsR2McO4KNp4WPe1R6741q1oe9s_aT-qliH_Vd6qwCqEyi-2izrtp5F76woCaBFX6FkA-FHpENDLGMklX0scUoD4qwURdftVyHmgNmLXGKY1__2BoD7zpCtr3nTPY8q9Hw-V-narQQdUDHUMMr-2FGa4GMnA-NOL9C0hWVa3Ow-l4xpExEg5QicEaKc37XHtkE9meK782Ql3hp9iXzEudShwVW0DEeOiTtMv1MALXq4zqU_eqqBDyrWoBx906KHySGeG_gs4LvlzZ1NKXov0KaE4kU4Ifjvj8e4YcMo6o3O3hXLxSeb0o0cxO8PxAZ&sig=Cg0ArKJSzCG_2M5VHGAKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=485&vt=11&dtpt=360&dett=3&cstd=124&cisv=r20240118.66332&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: drd.com.br
URL: https://drd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:47:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CEC 0
25 B 165ms
164ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bv-lJgjytZdmnO6CWx_AP966o0A0AAAAAOAHgBAI&bg=!CAulC0TNAAZVxkGXdcY7ADQBe5WfOCZSf0qa6ZcoiRV_LB2Gvn6__ODA8PHLxtvraGV4tefcK83sa5FN8cutjuOBM80SAgAAAgFSAAAABWgBB5kDB6LS142VWq2Y0NKp5zVeYcguWBmiEfJQ8sey8HwPd9tOHU5wkAe-nUqNLFwUvlUcSzJ6QMxkZwZAZkWHUYXh6NJb9WgvIsKvgjlJ0BRYwS1k-RCroBNEQgGSU4qz3yBKKxOJMbYOZ-Acbcx_B2M6y0WxAMisZFiYScoysumKmRWzqBHzJX7u7CHvzgHluAr5hpNZ58ae8BkS0JRcmEIqs2E98RMN013QnIGGu8Szi7MJa2fzO2qFUOqeT-CzNqw6tiWMGsCnLUwddwyXV77FeZCIsiXZCltNFBuPDAZAuFhHOXE700Qge6kAhWus1md1pFCQuzD8yWGTgRNuM8p7i2-XMbtFYC4rXAfb0-N-OIQO2kqBqkJ_fwDxafWybn_5ntFJzkedR9X9lfD7u9QbjSgEpvDefnfPJxXuLM-MNtpbb7VRTvNXUhhR1bufYbOP0EsfzmVhzUlmgrsKRwGFbYZsqIBMKATvAPOSOnb2FtnmDXiVNRJDn21IoNTAU_TghyCel_wg8PI-7uMA78y9Rpy5FkZGtoC66KGf99q9I17JMkoz6Yi7-L2WK4t7CGprHeU55vH7yMdSZNotY1btoRUrQv8p3aGnKg6tuFIm5DFbHCeA5Bft9cWsYpxhmqke7FR4M-e7PugzSp8XY8UFJeWZ3CU5y6Dq6G-_7a_ZNJ_ZPR5ntv7jKU0NtVdA6xmbUXKCqyeqWD5um2HfQ7NPWHPFyyN-OW4bBbfmwoDkbNbEYyJmbRcQfqU61Te36PgA8Co6Bajcl4xzSI5_9bfJxvQbqQ5Ca7UUTj8u7q_x_-V-nkNskNiIzyxr3ECDO5BWHMUDhYb1H3nTpZ12ygzlu42IOq25afxPJK9Y6lMjJKXytTnbT9HQnCB0LOy44ep5MJAQM6l55GdAwrcGRwX4bcntZnE-AwZI3-vUa6uZmdAWePQu0j16XRu74TQMAFxIj9B9TaFm1uugHwXkSky-B2CkejqFp4My-4fb1LSPXECG_8t9tUjV5ivzFu_DAuTVYUJWCGN0zf0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A5AA 16 B
209 B 70ms
69ms Fetch
application/json 18.171.41.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.171.41.162 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-171-41-162.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Jan 2024 15:47:16 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 90ms
22ms Preflight 18.171.41.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.171.41.162 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-41-162.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 21 Jan 2024 15:47:16 GMT
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6917 0
25 B 165ms
165ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZwClgjytZYP9L6KC7_UP_o6noAwAAAAAOAHgBAI&bg=!fn2lfTLNAAa8BdJLnAU7ADQBe5WfOEloUUACG9AaNmCFd_eVT5ZPOxh1wx6m9NBvH4ccxl4Tx2EB8Vs-I18G2OcfFTAIAgAAATFSAAAABGgBB5kDFPmeGQvQAhBNktjFJNTyIGInVBFTxnZk8FZjIcO0V8_s_ZG8dqaM0FfiP7zJEmYQhwAX1Bd-awACQXJGuMwnmGsZSgDngmvgeIpIE-9JYTuKXGTBrV1HU0JiHnf_prHiyCbTAZiZ9-HKMdMZpwIMn8E05Y_C8VdZnO-Sy6ggYTdi6thQrtdy0KGjQ_u2cH_zZSiaYJ2OTs2WI623gL_5qZgOZN5YUjhfH-_bXOuzbY8mKwJCp76MKWxbjQdjDJhHpOT6SbBB1oqZG9EXj8NoiTdldiaZPkGoD1sG1frjB4X514_fN0KkL8fXhJnQixcQKvIVehX_twsmlemSzmzGz2dsrKcpRnY-qFYWP0gDnFZL9qPcFRLJmc9YdhZA7vlKMl6licpUo-d2K8P_uv3HRaCRFZXYMom4bEl78h3J7j8LmfTFHwfbTtKbz_J8_UgESDNDNcN6aXfDqmLWRDEItvTos3Hcnj4TJ4meIdviPvzmCNy5KCay8TkU2IA4qzfjw0UXve_6WJO8uz4Jg4NJxfNoFB54Y0lKY5kqgtGbQKm1sqPU7Rn0bwLrCvzSSVn6DxHYui_OjGJMOHGKJpJXAJH3f2BFMoKppjKhiwIdhCdOhWjJScuRTMsLpeRL1_QQ4PftEyYRptZask4wAt4yrE09Ir0iu_TXCfftzVRPSfebcnqJcFgI-Nr_JhevSPkC3OIgQtNFi-cNVlKZLg9utOUoVFx3Emf3Q5ncICmaf2nhWkqFh11ifxvSe81GEuzmyziwf4oqW82ijX7dVa0zqVOI0mdoil_Zec2Cwodj3ePm2rPKYHMZcRIlwOZqZH10EvJ8t96O6tLOwXo6D6AEyXXTrAQh8L0UgArUMrA77duL3koTz3HrFpqflroIX3E-Lg3YwYIe1LYmTP2jcUvAxb1AgmSXxTVBNmMLqvLo4KZt_0gHMGGqKX9bZBuCyRnVeScMjM5fEXP_x4YNw8uz2nmHg-tRKOT6G0ree-rdNx7zf35zc6CbL4IxDR2zUgtKXnp8Bf9iWCFouBMrd78d3B9TC2B0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CD44 42 B
64 B 188ms
188ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqNwhlFqXYHdu4OFlLqfmNNMq7BHz2v0Vs64fRfrm2fYIS4tvapd7yTVLr3u00Lf0oHIK6OGRlRUkTppOcR9vsVOpue2zdYQnkQnwdONj7P86597m6reY-leMPj2KFcI-4u8Kn_8lcVL6WRr3eUrC8G9Cd&sai=AMfl-YScAu3LftBAo_XjDyLJAVHe835Dq3gyjN9WWYXrFXbEx88Tp9qbx9Bb7x27qJOKRZBTVC5Mw8RXlJFxgh3qcheHT9xPlxL1QTpGDI3MtcHtAhOkDyfJsu664OMt&sig=Cg0ArKJSzF5OMMJUAU8TEAE&cid=CAQSPAAvHhf_tIcwaN4JTq0BRLIkPi6N2CB0iBo-TMh4RkRT6urGoOLN4aP5Y-2Efp4_11_srno3Wto1fM6joxgB&id=lidar2&mcvt=1001&p=16,436,106,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2512169060&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705852035516&rpt=368&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2C1 0
25 B 161ms
160ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6428968500692&version=m202309260101&ct=76&x=1&cor=4485106650111903000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5AA 0
25 B 2266ms
2265ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=596362938382&version=m202309260101&ct=77&x=1&cor=11656722239500188000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found media_w1969103430_17174.aac Show response
5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/ Frame 635A 0
397 B 2202ms
2202ms XHR
text/plain 135.148.100.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/media_w1969103430_17174.aac
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.148.100.137 , United States, ASN16276 (OVH, FR),
Reverse DNS: wz3.dnip.com.br
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fb.radiosnaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length, ETag
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B2C1 43 B
215 B 1891ms
1890ms Image
image/gif 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=adf13e6d-42d5-1e33-d7f9-21ee6e9779b1&tv=%7Bc:1X26ke,pingTime:1,time:2277,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:52%7D,%7Bpiv:100,vs:i,r:,t:1270%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1007,o:1270,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1261~0,0~100%5D,as:%5B1261~728.90%5D%7D%7D,%7Bsl:i,t:1270,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:126,fm:u20RipH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1874223-77019492%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g1%7C1g2,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:54,sis:374%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B2C1 43 B
215 B 1891ms
1891ms Image
image/gif 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=adf13e6d-42d5-1e33-d7f9-21ee6e9779b1&tv=%7Bc:1X26kf,pingTime:1,time:2278,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:52%7D,%7Bpiv:100,vs:i,r:,t:1270%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1008,o:1270,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1261~0,0~100%5D,as:%5B1261~728.90%5D%7D%7D,%7Bsl:i,t:1270,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1008~100%5D,as:%5B1008~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:126,fm:u20RipH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1874223-77019492%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g1%7C1g2,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:54,sis:374%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame B606 0
225 B 499ms
162ms Ping
image/gif 2607:f8b0:400e:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lrno9ads&c=2709051146242&slotId=1354525573121&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=gZ11zKVsc6c&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400e:c07::5e The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B606 0
45 B 472ms
162ms Ping
image/gif 2607:f8b0:400e:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lrno9dly&c=2709051146242&slotId=1354525573121&qqid=CO-whYXq7oMDFQ4GVQgdMz8PVA&gqid=gzytZeSKLILM1PIPpe-S-AU&fb=ima_html5-lima&sdkv=h.3.613.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&ghmsh_eids=44772139%2C44777649%2C44781409%2C44785453%2C44804291%2C44809548&met.4=ghmsh_s.lrno9dm3~ghmsh_s.lrno9dm6&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=SHhH9SlwKftaxMju
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400e:c07::5e The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B606 0
0 166ms
165ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.613.0&e=44772139%2C44777649%2C44781409%2C44785453%2C44804291%2C44809548&id=ima_html5&c=152131041607658&domain=drd.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame B606 453 B
478 B 15ms
14ms Image
image/png 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-2845463438153782

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:23:13 GMT
x-content-type-options: nosniff
age: 1446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 16:13:13 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame B606 42 B
68 B 53ms
52ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CelfvgzytZa_jLY6M1PIPs_68oAXrtdOddcztlpaPErCQHxABIMGvsn8oAmCVgoCAoAegAf3_jPYCyAEF4AIAqAMBmAQAqgSpAk_QoWv-viAvbfaTLFkRFUcQH_7sC2VmqdhFzBiRC_hZp_prLc0ihMSZ30wtlpBuCU7nKyEmjC7CGtpJKqlUa_9B4EK_HprtpjAVrwAFghFfrYdV_KDXegrFw19NzxCBIMipSOcpzWEfawdDYj6Qo74T-TBFax-wH3_SJ5Ix2AeyvY9CBTAKbsv4GQI3bZQY1b-765bAZBmQd0kiU7VrqwCM8R9fXhwPtpzEAyjG14eOYj6uqxU0BHFn373JRRXRjdtl4rqnbEZJk5g39b6w2M-Uv89tXRiHNuevnIKqykoS7DDc8ko6gUKT0K76ZSOxuKeNV16Bd6wgcthpJ6iQNdLF05wHjw7_PWJkvENfH1o4RvSNBs66hTktDmAFuFHWSkzO9wz3Rg7dKMAE8sakmogE4AQBiAXrkbvYR6AGVIAH6__yiQGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMCChIXq7oMDsQnX_V0MjqIQEIAKA5gLAcgLAdALDtoMEQoLEMDgtP2gleWM_AESAgEDmg0BDqoNAkRFyA0B4g0TCIa1hIXq7oMDFQ4GVQgdMz8PVNgTDIgUBNAVAeIWAggB-BYBgBcBshgEEgLxTg&sigh=dqfghoFC1zw&label=show_ad&sdkv=h.3.613.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYyMjU0ODMzNDI4NDIMNjc3ODA4MjQ5ODM5QOwdUiMQDyUAAHBBKAE6C2daMTF6S1ZzYzZjQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
pubads.g.doubleclick.net/pagead/ Frame B606 0
0 53ms
52ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CRQ3TgzytZa_jLY6M1PIPs_68oAXrtdOddcztlpaPErCQHxABIMGvsn8oAmCVgoCAoAegAf3_jPYCyAEF4AIAqAMBmAQAqgSmAk_QoWv-viAvbfaTLFkRFUcQH_7sC2VmqdhFzBiRC_hZp_prLc0ihMSZ30wtlpBuCU7nKyEmjC7CGtpJKqlUa_9B4EK_HprtpjAVrwAFghFfrYdV_KDXegrFw19NzxCBIMipSOcpzWEfawdDYj6Qo74T-TBFax-wH3_SJ5Ix2AeyvY9CBTAKbsv4GQI3bZQY1b-765bAZBmQd0kiU7VrqwCM8R9fXhwPtpzEAyjG14eOYj6uqxU0BHFn373JRRXRjdtl4rqnbEZJk5g39b6w2M-Uv89tXRiHNuevnIKqykoS7DDc8ko6gUKT0K76ZSOxuKeNV16Bd6wgcthpJ_CRrydWQcqVQLUqdOmxqMuDK-bMRtGHosSUnamyylS5RvX5ZlQDacG-zcAE8sakmogE4AQBiAXrkbvYR5IFEQgSEAUYDzCn57GryrndzoEBoAZUgAfr__KJAagH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQrLkTqAgB0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljAgoSF6u6DA5oJRGh0dHA6Ly9kZS5maXZlcnIuY29tL2NhdGVnb3JpZXMvcHJvZ3JhbW1pbmctdGVjaC9lY29tbWVyY2Utc2VydmljZXM_gAoDyAsB4g0TCIa1hIXq7oMDFQ4GVQgdMz8PVMITJgoeGJql6stIIgoIAxABGAEgAFABIgoIAxACGAEgAFABGP3_jPYC2BMMiBQE0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItNTgyMjI0MzYxMDg4MDU4MxjP1GmyGAQSAvFO&sigh=xs-wv5k106s&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSOwAvHhf_S-bqlYlytZwahy98d3Au6wUb6EXpt9jFUL_VlEUs9yzyxnaTHMTno3zDWTCzUH638-brU5v8GAE&vt=10&sdkv=h.3.613.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYyMjU0ODMzNDI4NDIMNjc3ODA4MjQ5ODM5QOwdUiMQDyUAAHBBKAE6C2daMTF6S1ZzYzZjQglnb29nbGVhZHNQABgB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
45 B 436ms
163ms Ping
image/gif 2607:f8b0:400e:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lrno98yd&c=2709051146242&slotId=1354525573121&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400e:c07::5e The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-4g5edndr.googlevideo.com/ 1 MB
1 MB 75ms
17ms Media
video/mp4 2a00:1450:4001:24::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5edndr.googlevideo.com/videoplayback?expire=1705880838&ei=hjytZe7TM_j5vdIP2NCGeA&ip=2a00:c98:2030:a004:1::5&id=819d75cca56c73a7&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=1b&mm=31&mn=sn-4g5edndr&ms=au&mv=m&mvi=5&pl=63&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1699486091799804&mt=1705851687&cpn=SHhH9SlwKftaxMju&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRQIhAMeOnJmZkJw1HZorVlnY0Lya_QjBT6yyyrstj23NDIcZAiArZ_1vfSRC54EJlzg_y0NeIES5GIgL2wLZXTIaAUWcQw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIgNxQL4LNxEL0MokKipHXMyhuN83ikeg5ISKo34zsRr4ECIQC7-OB8dzZr74DWVp6xDUj7DaPKr49-KVrQTOPbiraOdg==

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:24::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

904088b287bcaefa6d2f45a2af87e16485c4865da9bdc6c2843696d233256ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drd.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 21 Jan 2024 15:47:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2023 23:28:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1398160/1398161
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1398161
Expires: Sun, 21 Jan 2024 15:47:19 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame B606 42 B
68 B 50ms
50ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CelfvgzytZa_jLY6M1PIPs_68oAXrtdOddcztlpaPErCQHxABIMGvsn8oAmCVgoCAoAegAf3_jPYCyAEF4AIAqAMBmAQAqgSpAk_QoWv-viAvbfaTLFkRFUcQH_7sC2VmqdhFzBiRC_hZp_prLc0ihMSZ30wtlpBuCU7nKyEmjC7CGtpJKqlUa_9B4EK_HprtpjAVrwAFghFfrYdV_KDXegrFw19NzxCBIMipSOcpzWEfawdDYj6Qo74T-TBFax-wH3_SJ5Ix2AeyvY9CBTAKbsv4GQI3bZQY1b-765bAZBmQd0kiU7VrqwCM8R9fXhwPtpzEAyjG14eOYj6uqxU0BHFn373JRRXRjdtl4rqnbEZJk5g39b6w2M-Uv89tXRiHNuevnIKqykoS7DDc8ko6gUKT0K76ZSOxuKeNV16Bd6wgcthpJ6iQNdLF05wHjw7_PWJkvENfH1o4RvSNBs66hTktDmAFuFHWSkzO9wz3Rg7dKMAE8sakmogE4AQBiAXrkbvYR6AGVIAH6__yiQGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMCChIXq7oMDsQnX_V0MjqIQEIAKA5gLAcgLAdALDtoMEQoLEMDgtP2gleWM_AESAgEDmg0BDqoNAkRFyA0B4g0TCIa1hIXq7oMDFQ4GVQgdMz8PVNgTDIgUBNAVAeIWAggB-BYBgBcBshgEEgLxTg&sigh=dqfghoFC1zw&label=video_ad_loaded&sdkv=h.3.613.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYyMjU0ODMzNDI4NDIMNjc3ODA4MjQ5ODM5QOwdUiMQDyUAAKBBKAE6C2daMTF6S1ZzYzZjQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B21801157.379227102;dc_pre=CITN94bq7oMDFf2JgwcdO1UK5A;dc_trk_aid=428992661;dc_trk_cid=107145939;ord=3660488226;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_e... Show response
ad.doubleclick.net/ddm/trackimp/N343201.127733GOOGLE-YOUTUBE/ Frame B606
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N343201.127733GOOGLE-YOUTUBE/B21801157.379227102;dc_trk_aid=428992661;dc_trk_cid=107145939;ord=3660488226;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
https://ad.doubleclick.net/ddm/trackimp/N343201.127733GOOGLE-YOUTUBE/B21801157.379227102;dc_pre=CITN94bq7oMDFf2JgwcdO1UK5A;dc_trk_aid=428992661;dc_trk_cid=107145939;ord=3660488226;dc_lat=;dc_rdid=;...

42 B
65 B

35ms
34ms

Fetch
image/gif

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N343201.127733GOOGLE-YOUTUBE/B21801157.379227102;dc_pre=CITN94bq7oMDFf2JgwcdO1UK5A;dc_trk_aid=428992661;dc_trk_cid=107145939;ord=3660488226;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=1453024930394108447;dc_av=520;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23;tpsrc=ima?

Protocol

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N343201.127733GOOGLE-YOUTUBE/B21801157.379227102;dc_pre=CITN94bq7oMDFf2JgwcdO1UK5A;dc_trk_aid=428992661;dc_trk_cid=107145939;ord=3660488226;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=1453024930394108447;dc_av=520;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23;tpsrc=ima?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame B606 0
0 94ms
59ms Fetch
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CRQ3TgzytZa_jLY6M1PIPs_68oAXrtdOddcztlpaPErCQHxABIMGvsn8oAmCVgoCAoAegAf3_jPYCyAEF4AIAqAMBmAQAqgSmAk_QoWv-viAvbfaTLFkRFUcQH_7sC2VmqdhFzBiRC_hZp_prLc0ihMSZ30wtlpBuCU7nKyEmjC7CGtpJKqlUa_9B4EK_HprtpjAVrwAFghFfrYdV_KDXegrFw19NzxCBIMipSOcpzWEfawdDYj6Qo74T-TBFax-wH3_SJ5Ix2AeyvY9CBTAKbsv4GQI3bZQY1b-765bAZBmQd0kiU7VrqwCM8R9fXhwPtpzEAyjG14eOYj6uqxU0BHFn373JRRXRjdtl4rqnbEZJk5g39b6w2M-Uv89tXRiHNuevnIKqykoS7DDc8ko6gUKT0K76ZSOxuKeNV16Bd6wgcthpJ_CRrydWQcqVQLUqdOmxqMuDK-bMRtGHosSUnamyylS5RvX5ZlQDacG-zcAE8sakmogE4AQBiAXrkbvYR5IFEQgSEAUYDzCn57GryrndzoEBoAZUgAfr__KJAagH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQrLkTqAgB0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljAgoSF6u6DA5oJRGh0dHA6Ly9kZS5maXZlcnIuY29tL2NhdGVnb3JpZXMvcHJvZ3JhbW1pbmctdGVjaC9lY29tbWVyY2Utc2VydmljZXM_gAoDyAsB4g0TCIa1hIXq7oMDFQ4GVQgdMz8PVMITJgoeGJql6stIIgoIAxABGAEgAFABIgoIAxACGAEgAFABGP3_jPYC2BMMiBQE0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItNTgyMjI0MzYxMDg4MDU4MxjP1GmyGAQSAvFO&sigh=xs-wv5k106s&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSOwAvHhf_S-bqlYlytZwahy98d3Au6wUb6EXpt9jFUL_VlEUs9yzyxnaTHMTno3zDWTCzUH638-brU5v8GAE&sdkv=h.3.613.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame B606 41 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 19:49:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B606 0
0 160ms
159ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.613.0&e=44772139%2C44777649%2C44781409%2C44785453%2C44804291%2C44809548&id=ima_html5&c=152131041607658&domain=drd.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame B606 42 B
68 B 55ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CySCAgzytZa_jLY6M1PIPs_68oAXrtdOddcztlpaPErCQHxABIMGvsn8oAmCVgoCAoAegAf3_jPYCyAEF4AIAqAMBmAQAqgSmAk_QoWv-viAvbfaTLFkRFUcQH_7sC2VmqdhFzBiRC_hZp_prLc0ihMSZ30wtlpBuCU7nKyEmjC7CGtpJKqlUa_9B4EK_HprtpjAVrwAFghFfrYdV_KDXegrFw19NzxCBIMipSOcpzWEfawdDYj6Qo74T-TBFax-wH3_SJ5Ix2AeyvY9CBTAKbsv4GQI3bZQY1b-765bAZBmQd0kiU7VrqwCM8R9fXhwPtpzEAyjG14eOYj6uqxU0BHFn373JRRXRjdtl4rqnbEZJk5g39b6w2M-Uv89tXRiHNuevnIKqykoS7DDc8ko6gUKT0K76ZSOxuKeNV16Bd6wgcthpJ_CRrydWQcqVQLUqdOmxqMuDK-bMRtGHosSUnamyylS5RvX5ZlQDacG-zcAE8sakmogE4AQBiAXrkbvYR6AGVIAH6__yiQGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMCChIXq7oMDgAoDyAsB2gwRCgsQwOC0_aCV5Yz8ARICAQOqDQJEReINEwiGtYSF6u6DAxUOBlUIHTM_D1TYEwyIFATQFQHiFgIIAfgWAYAXAbIYBBIC8U4&sigh=xwlwS82wZgA&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D960%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D6981,632,7161,952%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D4263%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D854387697%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1705852033430%26ptlt%3D1705852039676%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1705852039502&sdkv=h.3.613.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYyMjU0ODMzNDI4NDIMNjc3ODA4MjQ5ODM5QOwdUiYQDyUAAKBBKAE6C2daMTF6S1ZzYzZjQglnb29nbGVhZHNIqgFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B606 42 B
69 B 169ms
167ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXBqem5yjxDeACQteML14B7sXztqioKIWnPgl3Wxrx3vN6Vm3LFSq0qH8SG8zkm4KxxYFIzZPTYxMifmhu4oxnWwdeihDtBwUpPOl1gGaQAgb7mYHVg-taZnH1SyY28LyZv2dx7abQYUFmyNXSo7wMyIVLRCIA5p6wbTaO4r8XkQvepmLxLS4&sai=AMfl-YTrI___BW9qCf1MkZAILWWw03XdQrs8F7HnpN-sQJs_iwcpqktdpx6boEq-OsxaqE_Wc0Jk4VojWUIfRbcz9L76JWTR8xDahc2_VmQaVihAcFMyzf1_LKHGppg&sig=Cg0ArKJSzIAVwLsmLiFrEAE&cid=CAQSOwAvHhf_S-bqlYlytZwahy98d3Au6wUb6EXpt9jFUL_VlEUs9yzyxnaTHMTno3zDWTCzUH638-brU5v8GAE&id=lidarv&acvw=sv%3D960%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D6981,632,7161,952%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D4263%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D854387697%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1705852033430%26ptlt%3D1705852039678%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705852039502&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame B606 42 B
69 B 25ms
22ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=1453024930394108447&acvw=sv%3D960%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D6981,632,7161,952%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D4263%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D854387697%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1705852033430%26ptlt%3D1705852039678%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705852039502&dc_eps=AHas8cA-ym1SS6FIZDBk7wgi24Ld8sDMw6P-oCc34yA7_tU1j_ZA2iwmu38Ivb6oeblOHzQQpupCRE0&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame B606 42 B
68 B 55ms
53ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CySCAgzytZa_jLY6M1PIPs_68oAXrtdOddcztlpaPErCQHxABIMGvsn8oAmCVgoCAoAegAf3_jPYCyAEF4AIAqAMBmAQAqgSmAk_QoWv-viAvbfaTLFkRFUcQH_7sC2VmqdhFzBiRC_hZp_prLc0ihMSZ30wtlpBuCU7nKyEmjC7CGtpJKqlUa_9B4EK_HprtpjAVrwAFghFfrYdV_KDXegrFw19NzxCBIMipSOcpzWEfawdDYj6Qo74T-TBFax-wH3_SJ5Ix2AeyvY9CBTAKbsv4GQI3bZQY1b-765bAZBmQd0kiU7VrqwCM8R9fXhwPtpzEAyjG14eOYj6uqxU0BHFn373JRRXRjdtl4rqnbEZJk5g39b6w2M-Uv89tXRiHNuevnIKqykoS7DDc8ko6gUKT0K76ZSOxuKeNV16Bd6wgcthpJ_CRrydWQcqVQLUqdOmxqMuDK-bMRtGHosSUnamyylS5RvX5ZlQDacG-zcAE8sakmogE4AQBiAXrkbvYR6AGVIAH6__yiQGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMCChIXq7oMDgAoDyAsB2gwRCgsQwOC0_aCV5Yz8ARICAQOqDQJEReINEwiGtYSF6u6DAxUOBlUIHTM_D1TYEwyIFATQFQHiFgIIAfgWAYAXAbIYBBIC8U4&sigh=xwlwS82wZgA&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D960%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D6981,632,7161,952%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D4263%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D854387697%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1705852033430%26ptlt%3D1705852039680%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705852039502&sdkv=h.3.613.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYyMjU0ODMzNDI4NDIMNjc3ODA4MjQ5ODM5QOwdUiYQDyUAAKBBKAE6C2daMTF6S1ZzYzZjQglnb29nbGVhZHNIqgFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=1453024930394108447;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D960%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D6981,632,7161,952%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame B606 42 B
401 B 242ms
169ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=1453024930394108447;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D960%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D6981,632,7161,952%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D4263%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D854387697%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1705852033430%26ptlt%3D1705852039680%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705852039502;dc_eps=AHas8cA-ym1SS6FIZDBk7wgi24Ld8sDMw6P-oCc34yA7_tU1j_ZA2iwmu38Ivb6oeblOHzQQpupCRE0?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame B606 42 B
68 B 55ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CySCAgzytZa_jLY6M1PIPs_68oAXrtdOddcztlpaPErCQHxABIMGvsn8oAmCVgoCAoAegAf3_jPYCyAEF4AIAqAMBmAQAqgSmAk_QoWv-viAvbfaTLFkRFUcQH_7sC2VmqdhFzBiRC_hZp_prLc0ihMSZ30wtlpBuCU7nKyEmjC7CGtpJKqlUa_9B4EK_HprtpjAVrwAFghFfrYdV_KDXegrFw19NzxCBIMipSOcpzWEfawdDYj6Qo74T-TBFax-wH3_SJ5Ix2AeyvY9CBTAKbsv4GQI3bZQY1b-765bAZBmQd0kiU7VrqwCM8R9fXhwPtpzEAyjG14eOYj6uqxU0BHFn373JRRXRjdtl4rqnbEZJk5g39b6w2M-Uv89tXRiHNuevnIKqykoS7DDc8ko6gUKT0K76ZSOxuKeNV16Bd6wgcthpJ_CRrydWQcqVQLUqdOmxqMuDK-bMRtGHosSUnamyylS5RvX5ZlQDacG-zcAE8sakmogE4AQBiAXrkbvYR6AGVIAH6__yiQGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMCChIXq7oMDgAoDyAsB2gwRCgsQwOC0_aCV5Yz8ARICAQOqDQJEReINEwiGtYSF6u6DAxUOBlUIHTM_D1TYEwyIFATQFQHiFgIIAfgWAYAXAbIYBBIC8U4&sigh=xwlwS82wZgA&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=admute&ad_mt=0&acvw=sv%3D960%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D6981,632,7161,952%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D13%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D13%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D4263%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D854387697%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1705852033430%26ptlt%3D1705852039684%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705852039502&sdkv=h.3.613.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYyMjU0ODMzNDI4NDIMNjc3ODA4MjQ5ODM5QOwdUiYQDyUAAKBBKAE6C2daMTF6S1ZzYzZjQglnb29nbGVhZHNIqgFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=1453024930394108447;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D960%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D6981,632,7161,952%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame B606 42 B
107 B 242ms
169ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=1453024930394108447;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D960%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D6981,632,7161,952%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D13%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D13%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D4263%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D854387697%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1705852033430%26ptlt%3D1705852039684%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705852039502;dc_eps=AHas8cA-ym1SS6FIZDBk7wgi24Ld8sDMw6P-oCc34yA7_tU1j_ZA2iwmu38Ivb6oeblOHzQQpupCRE0?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame FB10 23 KB
9 KB 17ms
16ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 418797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:27:22 GMT
expires: Wed, 15 Jan 2025 19:27:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame FB10 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 12:30:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB10 0
25 B 164ms
164ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.613.0&bgai=BOCELgzytZa_jLY6M1PIPs_68oAUAAAAAOAG6BRMIpNiDherugwMVAiZVCB2ltwRf&bg=!MDOlM3zNAAa8BdJLnAU7ADQBe5WfOI87LLrtRimCL6GuvpySLekw2jtob7gStHLoyF2mhdee-hkynOR9mHS7-l1CulivAgAAAHhSAAAABGgBBwoAzvl9rquLwpNM0Z8fVZCb8aDBD00nc0XoA-5mVPuWBonOyv6-nMa6kTYkfA-HntP3drNQtuK2Oe2Devj1G4x6mrmTt934OU3pITY3HAFZDXx17M8cdl2W5Gza7JJ3xbmaQYGSq35pdFxygjil-3FmEfO07wfKBXP4c4Rp0TVGVTYG-jpMw5i8Uyu6fGtG525v8hjRovPGK0h8_jqO8ySeXv6HSbfpsqMjVJhjX5cKVvmPi0IXUp1XbUCYeVgsvNmZkdHvp5pjYw42EgyOyEA6mQIxHNP2knF-4Kc7VusGrKV8xb0TrHJkdkF7HxXOkd-ViIKLV44OPKxr1yZsiBXeylQEOZ2OztJNj6S8lrr4WrmboYmXBMyokFYADE_m0jBxlwLSsdiCQbHpwpwHbPbTBE3pIvVq1J9fGOqCWDMR8SoddEciesKvo493z1ioy72t3cOb0V8VFDF5o7ZzrsFG4DaKgPvmUriBKPpSQFSpAqJXP3IvwJTExMhireGhI6mCc1Sig490kBsXy08ZF_W7-tKBU6RRIKPynAFWM8igNkKQd_ORA_rGH-hTAQtY0rRBzvGLeBM_9EN_mHWsKYlvNN47F9jgw-mBhVD6l_OC-nGFFaJsWtCTc3DuXETbke6nECnerqcdolr7mUpZefke9Gwq_3XDpfwyd-UqkWUmm3aFlBxMHBgO4GTmSJDHIhiKi21cNqIJre6u7V0eqdnZLlVhpTp1yUK_PaQzEU-gz7yCxolnI_DFNBs8HJf3664dzFfHvUGf9Cd_8xM7Mw2T6A-mb3DAP0sAtbNRyj6lbrcss6bXVDaT6rTkgCKwMMIpyLkXdsc2cH4K9IQGMkN0bZPjjtanH0ETabcYyi4tUw-c55o1_2CvitehB31fVxNvGQUSGCK6LYJCv3Io8vlT6a94Rvw5G6gB43N4uKvmGNwZ-3hu_DXVbYo4JcGGoOyaU0JNMXc9Ja1italUrqKTuLxSqK1ETeTDns7KBcSi88ZObZTd6RXkAk5S16ntfE2yGJyt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B2C1 43 B
215 B 139ms
99ms Image
image/gif 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=adf13e6d-42d5-1e33-d7f9-21ee6e9779b1&tv=%7Bc:1X27mL,pingTime:5,time:6278,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:52%7D,%7Bpiv:100,vs:i,r:,t:1270%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5008,o:1270,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1261~0,0~100%5D,as:%5B1261~728.90%5D%7D%7D,%7Bsl:i,t:1270,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5008~100%5D,as:%5B5008~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1910,fm:u20RipH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1874223-77019492%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g1%7C1g2,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:54,sis:374%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:21 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B2C1 43 B
215 B 138ms
99ms Image
image/gif 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=adf13e6d-42d5-1e33-d7f9-21ee6e9779b1&tv=%7Bc:1X27mM,pingTime:5,time:6279,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:52%7D,%7Bpiv:100,vs:i,r:,t:1270%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5009,o:1270,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1261~0,0~100%5D,as:%5B1261~728.90%5D%7D%7D,%7Bsl:i,t:1270,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5009~100%5D,as:%5B5009~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1910,fm:u20RipH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1874223-77019492%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g1%7C1g2,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:54,sis:374%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:f841:7c27:a30e:1a7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 15:47:21 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

74 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
drd.com.br/	1970-01-20 18:34:04	Name: weather_location Value: Governador%20Valadares%2C%20Brazil
.drd.com.br/	1970-01-21 03:26:52	Name: _ga_RWKQ2CRHK1 Value: GS1.1.1705852031.1.0.1705852031.60.0.0
.drd.com.br/	1970-01-20 20:00:28	Name: _gcl_au Value: 1.1.1278253825.1705852032
.drd.com.br/	1970-01-20 17:52:18	Name: _gid Value: GA1.3.1549473837.1705852032
.drd.com.br/	1970-01-20 17:50:52	Name: _gat_UA-138887033-1 Value: 1
.drd.com.br/	1970-01-20 20:00:28	Name: _fbp Value: fb.2.1705852032412.1700649980
.drd.com.br/	1970-01-21 02:36:28	Name: _hjSessionUser_1624119 Value: eyJpZCI6ImJhNjMxMzE0LTdjMmUtNTNlMS1hYmZjLTBhY2Y2M2Y0ZjUyYSIsImNyZWF0ZWQiOjE3MDU4NTIwMzI4OTMsImV4aXN0aW5nIjpmYWxzZX0=
.drd.com.br/	1970-01-20 17:50:53	Name: _hjIncludedInSessionSample_1624119 Value: 0
.drd.com.br/	1970-01-20 17:50:53	Name: _hjSession_1624119 Value: eyJpZCI6ImU5YTM4NzIwLWQ4MjYtNDkxNy1hNTY0LWU5NzZlYmM2YjdmZSIsImMiOjE3MDU4NTIwMzI4OTQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.drd.com.br/	1970-01-20 17:50:52	Name: _gat_gtag_UA_175164381_18 Value: 1
.drd.com.br/	1970-01-21 03:26:52	Name: _ga_0L1TDGNZ5X Value: GS1.1.1705852033.1.0.1705852033.0.0.0
.drd.com.br/	1970-01-21 03:26:52	Name: _ga Value: GA1.1.1561389508.1705852031
.drd.com.br/	1970-01-21 03:26:52	Name: _ga_1XMM1N28QX Value: GS1.1.1705852033.1.0.1705852033.0.0.0
.drd.com.br/	1970-01-20 22:10:04	Name: __hstc Value: 104920860.2cca1dc1946aaeec938d2443bb7e10e8.1705852033692.1705852033692.1705852033692.1
.drd.com.br/	1970-01-20 22:10:04	Name: hubspotutk Value: 2cca1dc1946aaeec938d2443bb7e10e8
.drd.com.br/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.drd.com.br/	1970-01-20 17:50:53	Name: __hssc Value: 104920860.1.1705852033693
drd.com.br/	1970-01-20 17:50:53	Name: tt_c_vmt Value: 1705852034
drd.com.br/	1970-01-20 17:50:53	Name: tt_c_c Value: direct
drd.com.br/	1970-01-20 17:50:53	Name: tt_c_s Value: direct
drd.com.br/	1970-01-20 17:50:53	Name: tt_c_m Value: direct
drd.com.br/	1970-01-21 03:26:52	Name: _ttuu.s Value: 1705852033856
.hubspot.com/	1970-01-20 17:50:53	Name: __cf_bm Value: sPX.yxC_REOM.yw7eMkvo_T_WcTKrTPRfOjJmeOEvBo-1705852033-1-AYMb1v/MoY6E44YU42TZ8FmU52fzamSRgM9p+J2mzISyB+pRJnWdnQo+Hjhj9Mld8NmCsd4arhzCjFfcIRNWCOo=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: btbnkGWItX5ELH8Id0po600mGneo8L_J_6dstaB6wkk-1705852033878-0-604800000
.t.tailtarget.com/	1970-01-21 02:36:28	Name: u Value: fwAAAWWtPIG1IQaCTAYGAgB=
.t.tailtarget.com/	1970-01-20 17:53:44	Name: _ssc Value: y
drd.com.br/	1970-01-21 02:36:28	Name: tt.u Value: 0100007F813CAD65820621B50206064C
.doubleclick.net/	1970-01-20 17:50:55	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:10:04	Name: APC Value: AfxxVi4jaf6kqmgvs895wzS5yTFs2VegdPL-ZL21jelETGjX7S4W6A
.t.tailtarget.com/	1970-01-20 18:34:04	Name: ttbprf Value: ___de_1705852034160_624573176
.t.tailtarget.com/	1970-01-20 17:50:53	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 18:34:04	Name: ttnprf Value:
drd.com.br/	1970-01-20 17:52:18	Name: tt.nprf Value:
.tt-11382-4.seg.t.tailtarget.com/	1970-01-20 17:50:55	Name: ttca Value: _1705852034
.drd.com.br/	1970-01-21 02:36:28	Name: FCNEC Value: %5B%5B%22AKsRol-yvzkz1HRqHj1rV0f83iIOdkK1LDlbjrt9PwC7nDBdbENX9NN2zNxsko-6r_o7qQAPehEIUmUb0SoWbT3_5xiFbzExiUoGI0D4OqtIyJqeS5dofag0pMoEq9s4Vtw5ID5T0CWqwv1PdozFf7fDUzvAWDQUaw%3D%3D%22%5D%5D
.drd.com.br/	1970-01-20 17:50:55	Name: _ttdmp Value: \|LS:
.t.tailtarget.com/	1970-01-20 18:34:04	Name: n Value: 1705852034
.yahoo.com/	1970-01-21 02:36:49	Name: A3 Value: d=AQABBII8rWUCEDP__KsKe5mqs4BEgQaSDmAFEgEBAQGOrmW3ZQAAAAAA_eMAAA&S=AQAAAkTef-FDuxymPJg0ZrvlF2o
.adform.net/	1970-01-20 18:35:30	Name: C Value: 1
.casalemedia.com/	1970-01-20 20:00:28	Name: CMPS Value: 2170
.adform.net/	1970-01-20 19:17:16	Name: uid Value: 735047201091930923
.casalemedia.com/	1970-01-21 02:36:28	Name: CMID Value: Za08ggqMs65YwVkv8aYhPwAA
.casalemedia.com/	1970-01-20 20:00:28	Name: CMPRO Value: 2131
.e.dlx.addthis.com/	1970-01-21 03:21:06	Name: na_tc Value: Y
.adnxs.com/	1970-01-20 20:00:28	Name: uuid2 Value: 1515591080336290584
.redintelligence.net/	1970-01-20 20:00:28	Name: 8lcfmzhxc8d6_uid Value: 3a7cda999c7cab0d
.addthis.com/	1970-01-21 03:21:06	Name: na_id Value: 2024012115471400013013043246
.addthis.com/	1970-01-21 03:21:06	Name: na_tc Value: Y
.addthis.com/	1970-01-21 03:21:06	Name: uid Value: 65ad3c8296285dd8
.addthis.com/	1970-01-21 03:21:06	Name: ouid Value: 65ad3c8200012b21ff01928a7e5b14a9cf1f25a3acc253d5c781
.dlx.addthis.com/	1970-01-20 18:34:04	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 18:34:04	Name: na_sr Value: 20240121
.dlx.addthis.com/	1970-01-20 17:50:52	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 18:34:04	Name: na_sc_e Value: 0
.doubleclick.net/	1970-01-20 18:34:04	Name: ar_debug Value: 1
.awin1.com/	1970-01-20 18:00:56	Name: awpv11601 Value: 113440\|1705852035\|597a52d0-b874-11ee-9c4b-223173d2bc6e
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.3lift.com/	1970-01-20 20:00:28	Name: tluid Value: 1249039739655477736366
.quantserve.com/	1970-01-20 20:00:28	Name: d Value: EEgBCQH6KoEA
.quantserve.com/	1970-01-21 03:21:06	Name: mc Value: 65ad3c83-3e7da-79a05-ee977
.doubleclick.net/	1970-01-21 03:12:28	Name: IDE Value: AHWqTUllIQOedxjtL9u4abQSVHv1qalwmPjrg-oQABvArU6a-OcHqbvyQ2cM0XUub8w
.drd.com.br/	1970-01-21 03:12:28	Name: __gads Value: ID=87d0adbdae0a5a01:T=1705852033:RT=1705852033:S=ALNI_Mb7P4E2gEM1NolPXaF3beoW7cf3dQ
.drd.com.br/	1970-01-21 03:12:28	Name: __gpi Value: UID=00000d45b90f4548:T=1705852033:RT=1705852033:S=ALNI_MYR_TX2wuJfL-KAz_9TltgVy3WAmA
.office-partner.de/	1970-01-21 03:26:52	Name: source Value: {"webgains_webgains":{"timestamp":1705852035713,"clickCookie":false}}
.ctnsnet.com/	1970-01-21 02:36:28	Name: cid_d8a016b81c1046c3888fa99e08ed6a9f Value: 1
.ctnsnet.com/	1970-01-21 02:36:28	Name: gid_CAESEF-QV8TOlw7EHDaaIZtGePw Value: 1
.w55c.net/	1970-01-21 03:22:32	Name: wfivefivec Value: kBVPz2E81RrA2v5
.w55c.net/	1970-01-20 18:34:04	Name: matchgoogle Value: 5
.travelaudience.com/	1970-01-21 03:22:32	Name: _tracker Value: %7B%22UUID%22%3A%221BD36BCA-AEE1-449C-1834-9D018DBA6593%22%7D
.csync.loopme.me/	1970-01-20 20:01:54	Name: viewer_token Value: ace0fe0d-94ce-492d-99fd-4244e6f87686
.lijit.com/	1970-01-21 02:36:28	Name: ljt_reader Value: IB3TqGZHGmva9lx3QKKxyjfv
pixel.rubiconproject.com/	1970-01-20 20:00:28	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:26:52	Name: XANDR_PANID Value: MtX_LuzLB6E4mQKpnOX7icjJ6eqxHyyoyaPv3QHJlJnOAIt0sEJ9qefadlw7X1O2x_6M0F1aIlDD8dd1UYeTcNzVILHBHnUifGGW-AOvzFE.
.adnxs.com/	1970-01-20 20:00:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hbzq2fO@!A#FA(<j<dINiYhTyXnfi8FW/3Cw.s29#72aEvaaFR0x1f(v^1tR(=pIeQq(j#iP(Md+>)fyWda])l

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://drd.com.br/wp-content/themes/jnews/dist/theme.js?ver=6.4.2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://drd.com.br/wp-content/themes/jnews-child/jnews-modules/weather/assets/js/plugin.js?ver=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/media_w1969103430_17174.aac Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQ1BDZen8t8w2TvOnxKDEHYjgWmcQwAmIk6759LYsKiz2QNDdK95NgZJl07UK1dLrStaaDSl1tWpL-2XXfeYm7M5wdcn2oacff6&google_gid=CAESEM8V1uoS1atLqowyL-KMVc0&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/media_w1969103430_17174.aac Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 507) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://5a2b083e9f360.streamlock.net/ibiturunafm/ibiturunafm.stream/media_w1969103430_17174.aac Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://5a2b083e9f360.streamlock.net/imparsomhd/imparsomhd.stream/chunklist_w962735063.m3u8 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5a2b083e9f360.streamlock.net
8019191.fls.doubleclick.net
ad.doubleclick.net
ade.googlesyndication.com
ads.travelaudience.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
b.t.tailtarget.com
c1.adform.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.responsivevoice.org
connect.facebook.net
csi.gstatic.com
csync.loopme.me
d.tailtarget.com
d6534acd9a7bb8e8ff478f8d1beb976f.safeframe.googlesyndication.com
dclk-match.dotomi.com
dis.criteo.com
drd.com.br
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
eb2.3lift.com
fb.radiosnaweb.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900020.redintelligence.net
i0.wp.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
match.360yield.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
pv.medialead.de
region1.analytics.google.com
region1.google-analytics.com
rr5---sn-4g5edndr.googlevideo.com
s0.2mdn.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
sync.teads.tv
t.tailtarget.com
tags.denakop.com
tags.juicebarads.com
tags.t.tailtarget.com
tpc.googlesyndication.com
track.hubspot.com
track.webgains.com
tt-11382-4.seg.t.tailtarget.com
widget.horoscopovirtual.com.br
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.32.27.54
13.41.170.8
135.148.100.137
142.250.185.166
142.250.185.226
142.250.185.98
142.250.186.38
142.250.186.66
159.69.70.9
170.81.43.202
172.64.151.101
177.153.49.228
178.250.1.9
178.63.52.121
18.171.41.162
18.66.147.120
185.64.190.78
185.89.210.153
190.89.238.88
192.0.77.2
2.19.85.30
2001:4860:4802:34::36
2001:4860:4802:38::178
216.52.2.6
216.58.206.34
23.192.250.178
2600:1f18:1aca:4282:f841:7c27:a30e:1a7c
2600:9000:223f:c400:8:48e:53c0:93a1
2606:4700:20::681a:de0
2606:4700:4400::ac40:991b
2606:4700::6810:4fba
2606:4700::6810:5914
2606:4700::6810:bf59
2606:4700::6811:180e
2606:4700::6811:599a
2606:4700::6812:160e
2606:4700::6812:b07d
2606:4700::6813:9a53
2607:f8b0:400e:c07::5e
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:24::a
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9b
2a02:fa8:8806:13::1400
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:d29:3601:3295:f713:9e96:927c
2a06:98c1:3121::3
2a0b:4d07:101::1
3.124.237.235
34.102.185.99
35.186.193.173
35.190.0.66
35.201.123.184
35.214.184.99
35.244.174.68
37.157.6.243
5.196.111.69
51.75.86.98
52.18.204.174
52.222.139.110
52.57.164.72
54.220.183.228
69.173.144.139
72.246.169.24
76.223.111.18
91.121.248.44
98.98.134.243
99.86.4.94
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
039329540d821356dd2c6691e0b09f267630808ae1ccb1eccfec53cb14e039c5
03f014fecb14c0348ad274dc6100756d4eeae1cd4cc3d05a8c3d3406e69ee5b4
0445a4b98a570af2253cd291c241a2e716e4105ffeec79628e058a8fe77aaedd
0518986d737ac1fb67cd0692504fe8196dc8927aefe37a95c720bbbd33b48aca
053fc6fcd14cf8117c1262ce3601b7922eab00187ee6a3ad05cf77ced1e144bc
0627b25fc29a7eb51b5c68ff6764010a723984ab0cc6be97b30a407e00bb897c
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
0913c168062fea89c5bc175fb0ff2cb55a4d46edcb22f2e7e01e62e38c0639b5
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9fbbeae7506b37c6abb44c909a18d4c444ce9ea7ad6967a1da8133cda6857b
11f4b1f8b5d55dedafdc32acc6a4c56f7c5b3c631654d5d028578c3db77eb009
128759092dde19c09b25293c1fe8d84fc9c4ea86b81c213d465b235521486402
1320975328f7fbae15798e2467ac7c151c798548f6288bdc8539a64f7573805c
13aeab1a9428e836ba301e52fba70d550acded1922af4b2c0d81613e869b846a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
181a3764950b2ebdbfd908b695b77eb5f82b4737f072e90700cebaecf1f7ddc0
185ee6c604469276f38fddfd5ec30d536bc7d1ec539289d947184abc8e6226b9
1a2e0d044c5b50f16f7599e52b5a93d85c557939e6fab62e0a253a378d06695f
1b9ede9b5664a2a5cc12104c719d7d32b7b93752c5060ee2bd7e6bd989cb0f23
1bf01e21ade744b5eabb43fb28cc6289fc15e18cf5442369b65315ea027752bb
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
1e570353ec6fe853c5c07d703916b489554f9548d27b77c24a2075ca5e6d7ed8
206efabc5087f2c77692b82b7be8c386d62d4030e6274934b97158d2e0fc3d2f
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21a84ffcbfae9b003ec89c79331ddfcd8f3572435d7be4cf445fc09e28b9759f
2218f4accb7ba3b0d1bd3eb3dc3c41b50816d3970ff6e2cf558e2c44bb3fabdc
22f37927ee66be77b99b929683f16baad30db8c1015da51990ca213737ab0a11
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23575acd7d1fc434f43c4a26cd5c2bf21e8178357b1e6ba52a785ef8df2676b2
23e596df288f0be8c6d113969f6b2f8d36e74ae938caebe6e2b6edb9fbfdc7b5
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
2a22f2bdc718f846e14a0e7653e0b8e948c15a1e31f3f493901ee176b6ce2ea8
2ab5e5702e60b7c87702434c7516b8faa6282bf0c7aea5fecbc02e883139acf3
2abeb5026179c00580defbed40c6189eb88ccd2a0cc072f8e016164df18024d7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dc104b7388a9d1d184b265b9a3597fd9f1fc749fd8c056cb170ceff39900caa
2dfdbfb1fa6600f2adf294665934ea65796e1a29a29d1f567b7a0b4ef30cc99f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e174144a938509bc98a8ceacc8ccefb03a64d02279fcc953d8728cd6a7f8f0a
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
2f92716194f78bc2b3ac23ed75b3f93428e39dc8e5a957682da7e0b0477397db
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ad90c829e669ba81e6d1cd4bb129fb5fc348b5e4742de6c613475a0a19871f
349ce1d6298968da4005c2980db3a334c2449aa0fb82541f42ba3f256477f9a3
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
36a09c506c816f7277a623b6cc5acb263cf51089d6493b98148e739980a8e478
36c437a693ce78a0183d692d383e2d9947eed4d951d38e2e7b4e2a1a36136f80
38105aac42d1610743fba1feb58227a93739e52333b57597bd988ae71dad6353
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
394efc1c2670690e65342b4a5435d8e5af40e0532277095971e1cb3e97197855
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b903fb9e277701d1aed32bcd887e2484aaa4c17fd0e4ce5e474b32a7618ef66
3e0289d8845b02eab20372883d292c8d4131bb9375703119cb9106a7f4f12558
3f85c1f9b870d68e5a458f570ec2cec565b5b0383244633e207a4195db3ac136
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425cc740654fe88a06cd65756aa78d83315b79c6e28617e20474b8bf458ab80c
4265d3f5cd80199dad39e5e2fadef16e4da2d44616a6cb7aafa89ccd62ca4a32
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42edd24b19f0d9cccb55e0fedf06df3e6d63bc3c748db99ae20bc109b74d0cc3
431745ec2ed2a48951fea7b82eb55b503627f3bfe461599baeadc97582f5af9b
432438d097f89d910b1a48efe9edb09d36366c6ef52ac68f18bbbaabe6aab770
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
43ce19144ccef54b64290e1f425ae045181d32455e99a45aec1e729466a6b606
440cda1cb3357859ca4c70dc18b249747514be2f5e0852bc0de4b209315e6032
4537461f441a3efc94cd109d0778ec4167ab27d45ae7b3b3a16ca6bd1f8a5d3f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4698729152ca0e9d1076e44c473d3868a0977a5dd1552a544106d5c5efeba49d
46b6bc9e7a6f163d7f2089c50ef5a7f5d8d10237bb3746f8f2b26df5b2739697
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7105c9b1fc02a2f6a3819b984764a514caaedc29d84a5f989c7a6ac840c82a
4c9ae7fc0d03bb486ac6c6cb515307e0f05700036c4343d79955bb3b8ec18f31
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2713a7b8cde9ab68c5068b013f146e6eac5ec75c6af6766aa3fcd135831c51
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9559aa325d9cd7b03b11455ab23d2c0a40cc8bcc9a587db57dc967bb90ab52
503f20b8f6709c55f119a78910163881b3b3ac32d9b6283a914be20107111f3b
50ee26ef6918a74e5070ed95196b33568b1beaff690411c84f2a3673e500a779
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
525c11557eaa192f684c9eb0c67fdb0131ed4bdadf3f458a0b6e6cd756cda597
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
527814145b197b95138659954e68096559b3f0a403531cda679231adbd651c39
5343e20370d6c0cf887cc958f4dba759b230c41a7aff4dbbfb8215d40284df41
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
544d408eda70d8e8e0fd9a5545da5cd334699f0dc0323df9433d2fba23abdb02
547de90e40a2bfef11e5fa9659b1d5e4f0db7d038f1d66ebb9365b6eb3debf4e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
54c5adcf3a31b0a17008ee0749b8fa04a48d7b026248e420ff9125d1af9f64cf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fc78862b569321b8708c43056f7ca920b796208ea120f40ff1bb4875294997
586d3f9bb43a51e438aef34b4bb61e7ce9d4bb0dd8b85c5f31e2e2fd069f0358
5b5faa93319b6d575b766834cf3c4a10cb969be3e07842f247b6171bc97c58d5
5bdaa2d2fac01a05dee8737ec7b70ad184651961d3a3998c1efa7cf147ae1ba1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
5e163822018c84b39a126870ff4ad791e558465481682d6c47321a4703c8c36b
5ee18020b5dcd2478220a9a3ac2f21b95149cda25a35e37b39bd90a79b60b365
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
5fb45b0299dfc444ae41e8ea4ecd2058be49d4660526880c4fe972548a879221
6185ba49010eb97fc478fff12e1dc138c5328a56b7381dd8fa637c8f67154282
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6223565c36aab19351d435b950c432671cf3e465df310fc29fdabfc320d37a6f
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0
67c9b6793bce65f57dd2df058a4e06f68d4cffee9970177cc2adbf83be98e109
67da98923e0202fdb1531f6d788ff4c85b696db4e87fbc1711769a2fdd79c071
686ec2d10f8d73807e1c52fc2eb04a64e929d89139c0d8882429ee6d4c7723dd
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
69b0bfc7061b97ed7930edb3b4fbc57da801322b7e62eb7f595c128d052edd46
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
6a913b9a7eb52e7c126b52b973e073b34422b1180d55b3043bd2cccc128c7974
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca4dd44c578646ca6723ad641fa6400f4e4850c6bb3cbe4e312388996a3c9fe
6d17654eafb95536cef25a35518272e4257eaad6bdbc6166d3d939ff32c56773
6d4795746480f55e7c38653ed6f7b7a859886253508473608d4a7fda54196e87
6e1c4c7350feb68bef34a3bfe27712366db8ced582e51b85f934568d87848826
6f664b0fb3c81465f75b580bdad1257ed8c8b4d5557c58f135f5a234f8dee8ab
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc
7206b90765eb10db48bbf9957d0ac0bc36b251354b5d196af83bd1a766713124
7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe
73f21482958d69c7fb4481ea9f7741fe64be178081ef506805bd7bbd67cbff70
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
75ea400c96249d6ef5fe2256943b5639110c7703dae9243a094078a9299e52c8
76a41c3aad9f0671bea786393c8925e79276361c222acd0a89ae82d56edad9ca
76e3e93e2e121b0893c8cd1f83ac26c72771602810889b74a5b22d56605541bd
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d
7c360bcd0e400c002d3c26c250ef279510a268eb75e7aa2a03205c063e8e6a54
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
8014daa1862fbea1f376f7759cf1e05debe7b277a2f767f5cece54a106524c00
80be6b743dc602a53fa769ab4661a65895d5d6a41b1b443d2272eaf8d61aacd5
80caf902cadae7f866cf371353de606a62513b1e0f0884aacd41dbd3398144c1
8131cf6be817cc3c7494ef23eb6dc4ebfdf13c5f31a01e79d195c524ba6d5ac7
81ea53485f80aedba2a0578404835ba9a7d955cccfeb7e095654493d66c3e981
8410e522fabec7c478a8e174e93aa8229802bb16790741266e2ddba771cc8643
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
8507b350d2d43e812321b6d9e8eda7ca7208ff0a1cf8d7c4212ead0a85514da4
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
8925d5639db25fdc14101ff529500121b1b88ad7057a0361e65dfddbee17f4e2
8936a6938f2dc15cb1bab8b433e906b86cb94cdc559de5a580e6eb434749b79e
8a32eeb2e141a6de6ae1b228c3c088bf05fa5ffcb88aecd94cdcbf3802b185dc
8cae2ca17fa417df329ce23a9053c4087bff82f9ed6f88793fb4c8222f3b820d
8db4ef9d018b386c500ab2f5686555ec7bebe09e10d82dd9bedd387790dc11b1
8e701168e653ce9232ac71665e86bd1fac354728c10b1d34809108f386d4d707
8e86f0a0524c3fb3e98d533eb9e2f80e1239344aebaa34565a2f42a47332e0b4
8eb063dd5efc39b1b3492ea35f77a7fa157fbdbd8ef1dcbeb885d9349066f3c4
8ee4793fcd9fa41e3edd4013ff27f7986b296e019a2a2de4f629294d126cd77f
8f26944bb0a49105870ed138904641479bf78b09126c60f19be224f02c07eb89
904088b287bcaefa6d2f45a2af87e16485c4865da9bdc6c2843696d233256ffa
90b7489f8e4208906622929ac8af43e3a202e7e9cdd9cfcaea6d47bf497e0553
90e6b772ad9489432d6ed49bc5a46e9f8050a4fd78310cb52483b9be968872e4
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
9240ffa48a0793a624221e13063c5c91d2e3d0098aeb15843f8204f90d74807b
92a80608054c3f8fd26021753e2c005e96ffff298f238f9e7540072036fe996a
932e7a757b52f63e3a789f3f2a3b63e3cbe1ceb32961181602d8464b11c0d8a6
93b90f4f183719d7249ae84874e32c857152c4c96adc1f0c10077b477119facd
947ef7ae722a99c0973ead4076d447c13b8a0d4b80e1b206cd3ef846429f1dbb
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
99a653bbfe7705e3d28ff644cc45899479833653a865191ce288e39cc7146196
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c4cd77916dbcef806e3e18bda2cd8ca168e2c04629e94ba96823d4fcaddbf96
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e3e46e6b9bbc7db57a93d2f8973582a55edd18a2a00bd995502532863e6fd28
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a086774cdbb0466139fc032561f0338bb9d678dac4304d9e81d7eb6cd147badd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0dd3e6170ead1903730e7fe649a6e9c6d3e322b1bade315806f530ded11ffc2
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a1d16f157706b46739c782f88a93ccd2148d58974215c02d9adb88298ef19305
a37119e40021bb2f4bca35bfbc1c0c49468313ae60c22d963db823d6098e9b19
a4e6c297997f7a0d940c4cb30e37938934ea37799db090fafb2d282318ad3931
a6f6e47d1fde592f3bb81e7cb4f0782434d50371d9b9116773f7ddb7f56fdb4b
a7856eff924fd772c659bde422dc801f76b030e0fef18601169a15cb61ac0c73
a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54
a9e26b439580ad8452ffdc882d161e927706705bc7189c75a68d8ed5ed31df74
a9e56c24b9e99da56047a6edadd88241d6923a6d7122ee75a080fc30536f58fb
abe0f4b5d093ea88cac5ca9c8eecc60d1239b9d4a6096a6ed81227fbe9a06bb1
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
ad0511ff7ece05b25d40c90d00e5fb1cc692676cabcd8e02d43d52f2e728ed73
ae35600988e41a9a61eb01be47f2f1929c69dfad4b519211feaea08a9a0f9d1c
aea57c116a67a7005d3cc45037fafa78981bde9fc0939488c4d14381f3dcb04c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af57756214ff8464e4689626e7772e144f0b68284ee17d71a9dc1ea70f392120
af784df309613b3f0aeceef5d8277d6507a22a4fe56e5ba81cd79749861a856e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0aa1401fddc51091658c40c3f4f97f2fb3dc485e5f4d7d48dbffd62ea6cfa83
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b197be9f7e01b66185d803a6621583ef198bba6596cc028dd17677c82d8a0233
b1ce3ef4b578cabb1706503e9c24ec7ab37f20fee9056e96165d8171172a134e
b2b94e355f3d14d9c617e5dd96f47aaa06a103286c5f0863d279f166b9601d20
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b7191e2857596a8ae0c05b26cae94b5f9604ba73bcd685d45897aa3578b27746
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b89d4bbd003edf2dea330ce59f45f18ada605d4b61d571ae9ee8839e71c14727
b8ba952cc43ebb948172545abeab28d53e1a79be90f1261a305226357048f6de
b8cc0ee8d4d768fc7bd68a0d95e5cba1663934cf3918447a10aca06d2dc20e6b
b8ee4ffbf13817a67eb512bbba6cb23e1bc2873661942e70fb0bccb1f2bd8fba
b965d4255ad1afd629cc1ccfdfc67a33bcb956c5b5eec0a311c48b0a007eeac0
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bde0d46acb13c6d82af2b8b8c03b917cb71c554b4da86d5dbf3dbf3527084c08
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c2a9f5b83818cd82df292eb504ed5520cffc368581c7a0b1ec120b5d94215bbb
c2e2fa34ebb3b1fc1d96e5b0cbbeb847743b618e81b8b7159d677b99749d0cb2
c3a87de4c18e1a374d97c070deef50ec2583dfe0a8086bba138568e9cc5d29f7
c3f1709af38abfbd404fa764c730190cf055b517d05a212f9b379e48e0b994ea
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c47c793cc273eb613b66cf9dcc1df1ed9920e17896e0918a582b593cb548043f
c5da4d86ddc25c7f02351d98321339664a6e9120bfb940c4edda52404e00a41b
c616bad8e4a425c2be2a59c297a4b7630982535042dfe418cb4fc9dfcb1b8536
c6c55295f1bd6a194c3b55ceb27de3b33dddc1ba9aa160883ed2d7987ab6ecd9
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca2ee41de2f8efcd10b5dde5aeb4ab14c975d8b2003f5160898b5f2e48d21194
ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc14bcc45ee7406a2aa6a28f7158443230ec0d48d3bc6b1d6707e98ea68204a4
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
cd50eeb1c61edbab8b8817bb9bd24baec98e8df4fb3e0fc56a148cfd1795c878
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfef418ef02c4bc78cac47615c713c4cece812f26ef24457bd37c20a6286c391
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1d59d2e6c991e492153ca5f15d739f1fbee1dbe716aa75ab16c624dc8f774d5
d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97
d2f090411faebdf8480023fa064f0d3ae391a5c101cb3395bfbd6d387e452e54
d42eb11a434bc905323158aa169d66003eb8836cc099bdc0ae8dc48779b5ad72
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6c3fb3d9b8becb2f5544276298b812e8c52f77309534b8c6d5002e5b8100ea4
d783f40a433e08b796f8adc16a9c18a265237c67faa807c95617249718e9c2c0
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
d8848f82e8c8007a7361443f11c4ead6d524d315e78d089a93a0e146634a956b
db462b72eef6737a233fb0c331c28955f5a0bb6ce059b71d6dd93cf0df94d072
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc553a181f5ccb520b8b89628208051fd90129ea83a2949d3c78aa2154682563
dcc4bac99c459f9448c4d85df6c5b4ebf9628659e91f7ccad92d772337de846c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def7bd84f26bb5196d449e61db872c50f847db0fbe32c537561e9b98753dd91c
df2862980156926e5baa2e9d513a18d972207cab1aef880a0967ddb5756d3434
e0e287052c2365df71594ff99ec0df6fa068e3e0ff436413a8fad11e9a25cc3c
e0fe83d875faf394978cd04227fb30838db2f4a9bd67e6862e6845c6eee1a09e
e2564d17293884dfd3c0d72b984ed6c984d18dcf29c8e245d453b3b9934beb1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e471e2ad97424600abc20ab828239f3a3dc62e1ef49a121d871995ad965307f0
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e6e3fd75e470cd50759b897eab984da9b5cafeda028be8eba2e779e41df6d818
e760704ef6545fcb3d58d99a719f5e8cc0eb669e2b713fc34c227c81e0b28213
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e93df28782512489f77ecbb0c00434bd0f1251a8b6811201b6e3bb0b4c7ae6d1
e95962f1cad9a680046260c7ecdbbe11592468485494d52d91d8f96c94b23c04
ea545fbe45f0f4005e27955f6b63c236438679566c666842f98c24dac9d3e70e
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
eb5916ab78f83bd89c185163938f4477d8cb6b13939202cb89711efb139d67c5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb972584888cb7a143b5b406d5b8bd21fd9042e6c6c35a10311ca7aefa24ba41
edbf7e3c6a7909dbcb3dbfbf887c39613ad3ff354b10743bdce461684c213239
edc1ffb291557accf71f130ed2c2d2fc0a14f899c52e133995168afc0c581598
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
ef9353f9584bbda269335176590186d17c9dc72636a5effbc987ef3dd5807e63
efa9fa35d165f6b4bba253e1ab7b01adf1c25b2b460b2f809fede56b97f5bc0f
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f040c7bc601f4b7019b262b33001ffe70965205f8e346cf16f6b38944eb5169f
f0b7b8273e8f2692befb0f36215fd3b76fc3d50e3be0b9dfe0c7642eed3ad88d
f10edb33bef155eaa49a96ed794bdaab4ce8116e3085453c669699091f64d998
f23dc5f9dcf597316a38b53fcf69f40b50d5639b29177cd8b55d14f1c0c7bb3e
f30c3d110d1fb0e87a1212b10d8b24ae8be9206e2ee0e91c583ec95e010480c7
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f40444119f0e4a1655566672eef9cd69f446a43ca74cbb414ae34be420452877
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
f567344f68b30f93c640c0721dd5521a53613fa8ed6787bb1f09a1317016f02d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f685909d2886b304307258a49759923840c3cd774e5da1ad5dd696a8ad79805b
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9d5725420abff58c3ce7fa0515fa6ba9f047c265a4da376146861712a383ce6
f9e1439102603f478bf5a92a4180950c923d8529fe280f1ffcbfad842431e327
fb25408fece1ca5234dd9849c524da831ee276af37ca11f332c2b68bf5a0dfae
fb4afdcf42b82f6208807e665617a1fd9cc77a340f5d235503d4f90db0fa1574
fc2b1e97053e3c3bf8b4af4f448cb657f02ab479e098d8844cbc1ff79888072e
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
fce94aac851d686b92257ba5992aa739f73fdc66c862e96b86834db5c0fde7be
fd2117263b7bf39d5787073ac9a4bf5508365314b22f45f166e3a28267aaef9c
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fea6630edeb42171fed7030306489b90988aa11b20953c7056d43eb61e2247ac

drd.com.br Open in urlscan Pro 177.153.49.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

469 Requests

93 %HTTPS

48 %IPv6

64 Domains

93 Subdomains

76 IPs

11 Countries

10678 kBTransfer

18442 kBSize

74 Cookies

6 Outgoing links

Page URL History

Redirected requests

469 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

drd.com.br Open in urlscan Pro
177.153.49.228 Public Scan

Screenshot
Live screenshot

Full Image

469
Requests

93 %
HTTPS

48 %
IPv6

64
Domains

93
Subdomains

76
IPs

11
Countries

10678 kB
Transfer

18442 kB
Size

74
Cookies

469 HTTP transactions
5 data transactions