www.posthaus.com.br Open in urlscan Pro
177.101.99.110  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://posthau.com.br/ HTTP 301
   https://llinks.io/?fmFhB1k Page URL
   
2. https://llinks.io/?fmFhB1k&forwardA=true HTTP 303
   https://www.awin1.com/cread.php?awinmid=17634&awinaffid=691863&ued=https%3A%2F%2Fwww.posthaus.com.br%2F HTTP 302
   https://www.zenaps.com/rclick.php?mid=17634&c_len=2592000&c_ts=1621301271&c_cnt=691863%7C0%7C0%7C1621301271%7C%7Caw%7C0&ir=433fdf30-b778-11eb-962f-692d0326f1d6&pr=https%3A%2F%2Fwww.posthaus.com.br%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&bId=HLEX_60a31817eff301.66949427&cookie=1&c_d=zenaps.com HTTP 302
   https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• https://posthau.com.br/ HTTP 301
• https://llinks.io/?fmFhB1k

Request Chain 85

• https://sslwidget.criteo.com/event?a=4764&v=5.6.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=posthaus.com.br&dtycbr=94095 HTTP 302
• https://widget.us.criteo.com/event?a=4764&v=5.6.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=posthaus.com.br&dtycbr=94095

Request Chain 131

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlQRrDwBgF28J7NCYR5VD8&google_cver=1

Request Chain 132

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKMYJdfL4IdRdO3D0i7h-wAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlQRrDwBgF28J7NCYR5VD8&google_cver=1

Request Chain 133

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEFgBrRu25yIfbML6BbjHxz0&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFgBrRu25yIfbML6BbjHxz0%26google_cver%3D1

Request Chain 134

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDM4NjEyNzY3NjgzNzQwNg%3D%3D

Request Chain 135

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFwVF0FvcN79upJZLCpGejY&google_cver=1

Request Chain 136

• https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGZlZTE2OWEtZjJjNy0yYWQ4LWMwYTgtMTcxOWRiOWU4NDgy

Request Chain 137

• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
• https://sync.teads.tv/um?eid=3&uid=CAESEL0vNjGkJjUAEAOeHmJ1BrA&google_cver=1

Request Chain 138

• https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTUxYzNjMTctMzFhYi00NjVkLTlhMGItYTQ2MjI0YzQ3MzA1

Request Chain 149

• https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
• https://partners.tremorhub.com/sync?UIGL=CAESELS3xn97Kx6vIwEyaLEkMYo&google_cver=1

Request Chain 150

• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMxLydPsrZ6BjTh9h_KDlSo&google_cver=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMxLydPsrZ6BjTh9h_KDlSo&google_cver=1&__user_check__=1&sync_id=4bc205f2-b778-11eb-b778-1189f5600206

Request Chain 151

• https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=4bb4805e-b778-11eb-9c1b-1fd522ee0406 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGJiNDdmYTQtYjc3OC0xMWViLTljMWItMWZkNTIyZWUwNDA2

Request Chain 162

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESELSVFSWX7gPC_uxC5tSfsMs&google_cver=1&google_push=AQvitULDAnqVDgQzgJOnleirT66ObLTmfTs-q0WHutxN9GbIRL81aBzJZLRzB9EXnU3vMdQhrY0DQWih_EnyuVaAGxr1AtsYCJhX HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA1OTQ4Mzc5NTkyMTU1NDIyNw== HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELSVFSWX7gPC_uxC5tSfsMs&google_cver=1

Request Chain 164

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHIyVMXjvRTWp_qzh373KqM&google_cver=1&google_push=AQvitUJBcWPWLxX5xVWRVquZPNr0pvUW7CY8n7GQlTWwxvOORG9WraenSe7KwSYG47ZNWmfifk-pV6RQAsakUYj1fUJxM0Zx62NP HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2MzQzNjA2NDc1OTQxMjg4Ng%3D%3D&google_push=AQvitUJBcWPWLxX5xVWRVquZPNr0pvUW7CY8n7GQlTWwxvOORG9WraenSe7KwSYG47ZNWmfifk-pV6RQAsakUYj1fUJxM0Zx62NP

Request Chain 167

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDzT9bMJDWkYO4waBFK7geo&google_cver=1&google_push=AQvitUIaGtM9LYN8tz2vsJUKeFQhl76E8HzEq9u_22lFIZbXIF-cYq1mvtaFuionm5gepZdHJlJpNigKPeN4WCBkmJWNNb8lRvOp HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09UQ1hEOEctMjUtSUtMNQ==&google_push=AQvitUIaGtM9LYN8tz2vsJUKeFQhl76E8HzEq9u_22lFIZbXIF-cYq1mvtaFuionm5gepZdHJlJpNigKPeN4WCBkmJWNNb8lRvOp

Request Chain 168

• https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC6N7SSK-SgMXcZgI9rOT5s&google_cver=1&google_push=AQvitUJhs0g2Dw-p8OaICx5Q_SkFE7uunO6P3sx8KL4sXW-bRwCh4f-F8jZDoE7WGuxZjacTYHIfIEREtPA_YOP1uYj6afOjyvs HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=b5c78cfb6369fb53469a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJhs0g2Dw-p8OaICx5Q_SkFE7uunO6P3sx8KL4sXW-bRwCh4f-F8jZDoE7WGuxZjacTYHIfIEREtPA_YOP1uYj6afOjyvs

Request Chain 177

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEObCvxB3fW9-wdsQtmUUtgs&google_cver=1&google_push=AQvitUIXOXd5XvGBMtg49BNgSsm2HFFfJ7jESL1gAy5BSNNCjvBiRqOmn63Suml-1EFBdAGqC9OiqNG9zVHF7JIimKjXhlNDpbrHHg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIXOXd5XvGBMtg49BNgSsm2HFFfJ7jESL1gAy5BSNNCjvBiRqOmn63Suml-1EFBdAGqC9OiqNG9zVHF7JIimKjXhlNDpbrHHg

Request Chain 178

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEMWtzk61sKX78gfrHRXsFfc&google_cver=1&google_push=AQvitUIQjJAPAmJwU7_Zomctl8emrTZfVwrNzhBBp1B8PoAoBIww_ufqcPmEms4BGy_20b0M1mTi_yJhlfrsLN00_mQIkhsk5ecvxQ HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=l4qjLMLsTLezqPmdON5IIw2&google_push=AQvitUIQjJAPAmJwU7_Zomctl8emrTZfVwrNzhBBp1B8PoAoBIww_ufqcPmEms4BGy_20b0M1mTi_yJhlfrsLN00_mQIkhsk5ecvxQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=l4qjLMLsTLezqPmdON5IIw2&google_push=AQvitUIQjJAPAmJwU7_Zomctl8emrTZfVwrNzhBBp1B8PoAoBIww_ufqcPmEms4BGy_20b0M1mTi_yJhlfrsLN00_mQIkhsk5ecvxQ&google_tc=

Request Chain 180

• https://d5p.de17a.com/cookies/google?google_gid=CAESENrTLbtpsXNjfqUnRGDzPlw&google_cver=1&google_push=AQvitUKZhNv9Xxeh_w84lMF-efIVT7QDp_NVcZk_wu3H9oKY8cNQ3Vy5SomRnxzq6hRdU5lBDziZP23iyTmYEKqS51VhDcADAECx HTTP 302
• https://d5p.de17a.com/cookies/google;c?google_gid=CAESENrTLbtpsXNjfqUnRGDzPlw&google_cver=1&google_push=AQvitUKZhNv9Xxeh_w84lMF-efIVT7QDp_NVcZk_wu3H9oKY8cNQ3Vy5SomRnxzq6hRdU5lBDziZP23iyTmYEKqS51VhDcADAECx

Request Chain 181

• https://rtb.openx.net/sync/dds?google_gid=CAESECDcfkIiHFNz1bSPmzBl--o&google_cver=1&google_push=AQvitUJRilMUmSEw-keP4zYYdJMu0xdI5Xa3GFu_FKG9qZlJUWbWUOmcjZFfrS9PXgFRHwtTtojMsqHo4kCeRSnN67oRV-7WuKk4lg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJRilMUmSEw-keP4zYYdJMu0xdI5Xa3GFu_FKG9qZlJUWbWUOmcjZFfrS9PXgFRHwtTtojMsqHo4kCeRSnN67oRV-7WuKk4lg&google_hm=LNdPbJI2zVIzPAEXwmVwWA==

Request Chain 182

• https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC6N7SSK-SgMXcZgI9rOT5s&google_cver=1&google_push=AQvitUJZMZeXYdfqHrzaN64wlUFKkcvNsGpcREf7nbpAp-0mqX9v9krR945Jn_BaCHJgY8pL8YObpOXPFmO_1ZuM54o5ktzkzKk2Tw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=94de4fb1733bf547cbeb&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJZMZeXYdfqHrzaN64wlUFKkcvNsGpcREf7nbpAp-0mqX9v9krR945Jn_BaCHJgY8pL8YObpOXPFmO_1ZuM54o5ktzkzKk2Tw

Request Chain 183

• https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBFPWQWp1wfzxF_7q9XgrY0&google_cver=1&google_push=AQvitUKFhDrevQhlYPKDw9etsGfOndQ_PPQSwsu7ljaqgy9UIUvNueCWYEw7OhAjAaClHfVd8mhKyEYT40dOtYFocQ8J5p1zRIg5hw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUKFhDrevQhlYPKDw9etsGfOndQ_PPQSwsu7ljaqgy9UIUvNueCWYEw7OhAjAaClHfVd8mhKyEYT40dOtYFocQ8J5p1zRIg5hw&google_hm=Mjg2NDkzMTY0OTc4MjM5NzEzNQ%3D%3D

Request Chain 186

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHznaBi6qO2EN4bA2NjwjXw&google_cver=1&google_push=AQvitUI-u4yxSmM4b8n1VQhzp256cNBgdCKRTz_Of99pl1EYu6Osg4JpzwZEIheDVwgq5vx8qNaoj0_qE0oOMmwghGcgPekXWcA9iQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHznaBi6qO2EN4bA2NjwjXw&google_push=AQvitUI-u4yxSmM4b8n1VQhzp256cNBgdCKRTz_Of99pl1EYu6Osg4JpzwZEIheDVwgq5vx8qNaoj0_qE0oOMmwghGcgPekXWcA9iQ

Request Chain 188

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGGOWx0upV0eKFx5tIzfLLg&google_cver=1&google_push=AQvitUIg1lUwHA-De5RFfaj3KQqy1iksQ2D76opEd3NdQL_nnkCn7aov54c8iJcxZWLLe6fTpBoUk7gL7TxpLdtOs1n3Pz2v3Em-Mw HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGGOWx0upV0eKFx5tIzfLLg&google_cver=1&google_push=AQvitUIg1lUwHA-De5RFfaj3KQqy1iksQ2D76opEd3NdQL_nnkCn7aov54c8iJcxZWLLe6fTpBoUk7gL7TxpLdtOs1n3Pz2v3Em-Mw

Request Chain 189

• https://rtb.openx.net/sync/dds?google_gid=CAESECDcfkIiHFNz1bSPmzBl--o&google_cver=1&google_push=AQvitUKJmDbcaXyA8Lk0zPHVHcMYEFlmGIEiH0E-74uBiEy5V0R75Jquc3ry6hFaj6xHXD2yxpWGAYQHfQR1GqT51eyXPDgLq7dmRA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKJmDbcaXyA8Lk0zPHVHcMYEFlmGIEiH0E-74uBiEy5V0R75Jquc3ry6hFaj6xHXD2yxpWGAYQHfQR1GqT51eyXPDgLq7dmRA&google_hm=LNdPbJI2zVIzPAEXwmVwWA==

Request Chain 190

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJQplZhv1vS7bkDy0dcWrK8&google_cver=1&google_push=AQvitULe5QcxN-yzEXUiZtJsB0O2R_xyi0wJikCYRDZZyRtF-wmvTbv9OZJYfLSMtyrrMpBNAzSwMdqApAdlJDI_cfI39Lr4G2Xb HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJQplZhv1vS7bkDy0dcWrK8&google_cver=1&google_push=AQvitULe5QcxN-yzEXUiZtJsB0O2R_xyi0wJikCYRDZZyRtF-wmvTbv9OZJYfLSMtyrrMpBNAzSwMdqApAdlJDI_cfI39Lr4G2Xb&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULe5QcxN-yzEXUiZtJsB0O2R_xyi0wJikCYRDZZyRtF-wmvTbv9OZJYfLSMtyrrMpBNAzSwMdqApAdlJDI_cfI39Lr4G2Xb&google_hm=4034cf027474dffd654eaf8d HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULe5QcxN-yzEXUiZtJsB0O2R_xyi0wJikCYRDZZyRtF-wmvTbv9OZJYfLSMtyrrMpBNAzSwMdqApAdlJDI_cfI39Lr4G2Xb&google_hm=4034cf027474dffd654eaf8d&google_tc=

Request Chain 191

• https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEf1k9J2tMcHTpZL5Mwf4Eo&google_cver=1&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X97dv8PitFw3L4lfScvb71B4SBzX1cZSABwgAux1Vb3JJnxLPbM HTTP 302
• https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEf1k9J2tMcHTpZL5Mwf4Eo&google_cver=1&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X97dv8PitFw3L4lfScvb71B4SBzX1cZSABwgAux1Vb3JJnxLPbM&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEf1k9J2tMcHTpZL5Mwf4Eo&google_cver=1&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X97dv8PitFw3L4lfScvb71B4SBzX1cZSABwgAux1Vb3JJnxLPbM&apid=UP4c63a848-b778-11eb-be68-0297f18d7a9a HTTP 302
• https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEf1k9J2tMcHTpZL5Mwf4Eo&google_cver=1&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X97dv8PitFw3L4lfScvb71B4SBzX1cZSABwgAux1Vb3JJnxLPbM&apid=UP4c63a848-b778-11eb-be68-0297f18d7a9a&verify=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0YzYzYTg0OC1iNzc4LTExZWItYmU2OC0wMjk3ZjE4ZDdhOWE%3D&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X97dv8PitFw3L4lfScvb71B4SBzX1cZSABwgAux1Vb3JJnxLPbM

271 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ llinks.io/ Redirect Chain https://posthau.com.br/ https://llinks.io/?fmFhB1k	822 B 964 B	347ms 315ms	Document text/html	2606:4700:3030::6815:2f56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2f56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :method GET :authority llinks.io :scheme https :path /?fmFhB1k pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:27:49 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-robots-tag none, noindex, nofollow referrer-policy no-referrer strict-transport-security max-age=63072000; includeSubDomains; preload alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-request-id 0a1eaf2ca800004e5bf027f000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bTx1rXQONVlPgGsxyx6RijKu3qE5UClxW0qOny9b0INapfBzLIdVH4XfNxDqyXmJ99T%2FiOUyAgBoubszq15Twm0Oco2uLpPIEzfY5803VB9VX5%2FH9No%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 65114e277dbb4e5b-FRA content-encoding br Redirect headers date Tue, 18 May 2021 01:27:49 GMT server Apache location https://llinks.io/?fmFhB1k content-length 234 content-type text/html; charset=iso-8859-1
GET H/1.1	200 OK	Primary Request / Show response www.posthaus.com.br/ Redirect Chain https://llinks.io/?fmFhB1k&forwardA=true https://www.awin1.com/cread.php?awinmid=17634&awinaffid=691863&ued=https%3A%2F%2Fwww.posthaus.com.br%2F https://www.zenaps.com/rclick.php?mid=17634&c_len=2592000&c_ts=1621301271&c_cnt=691863%7C0%7C0%7C1621301271%7C%7Caw%7C0&ir=433fdf30-b778-11eb-962f-692d0326f1d6&pr=https%3A%2F%2Fwww.posthaus.com.br%... https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term...	107 KB 41 KB	2838ms 542ms	Document text/html	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash 0368be7dc22dd24eafa7951b0100a3d1bfd4c505b420de983c728b971a7565e4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host www.posthaus.com.br Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 Origin null Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * X-DNS-Prefetch-Control off X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=15552000; includeSubDomains X-Download-Options noopen X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block Content-Type text/html; charset=utf-8 ETag W/"1ab76-vpfdyyQzthLWdtS3xk3ZZXEoDTI" Vary Accept-Encoding Content-Encoding gzip Date Tue, 18 May 2021 01:27:57 GMT Transfer-Encoding chunked DBR-Device desktop DBR-Company posthaus DBR-USER mozilla/5.0 (windows nt 10.0; win64; x64) applewebkit/537.36 (khtml, like gecko) chrome/89.0.4389.72 safari/537.36 DBR-REFER 0 Age 0 Via AX-CACHE-4.1:110 Redirect headers Allow GET Location https://www.posthaus.com.br?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Node Helix P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Content-Length 0 Date Tue, 18 May 2021 01:27:54 GMT Connection keep-alive Set-Cookie aw17634=691863|0|0|1621301271||aw|0;domain=.zenaps.com;path=/;expires=Thursday, 17-Jun-2021 01:27:51 UTC;Secure;SameSite=None bId=HLEX_60a31817eff301.66949427;domain=.zenaps.com;path=/;expires=Wednesday, 18-May-2022 01:27:54 UTC;Secure;SameSite=None Strict-Transport-Security max-age=86400 Awin-Akamai-Rule-Set default
GET H2	200	css fonts.googleapis.com/	9 KB 837 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3ed154a0995f9a5597ccb3c567815c1222b7dd07843f761f700b9a9eb8cd3250 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 18 May 2021 00:48:09 GMT server ESF date Tue, 18 May 2021 01:27:58 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 18 May 2021 01:27:58 GMT
GET H/1.1	200 OK	Cookie set app.2aa0b421e8f1cfe53133.bundle.js Show response www.posthaus.com.br/	601 KB 154 KB	1149ms 259ms	Script application/javascript	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/app.2aa0b421e8f1cfe53133.bundle.js Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash bfaeded0c03e91d8d39bbbfbb83ee2f8a5c8845a6d6917b1d0327ed15eb3c65d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.posthaus.com.br Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Connection keep-alive Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff X-DNS-Prefetch-Control off DBR-Company posthaus Connection keep-alive X-XSS-Protection 1; mode=block DBR-REFER https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=zanox&utm_medium=afiliadosexternos&utm_campaign=linktexto&mkt=zanox054&utm_term=http%3a%2f%2fdecoracao.com DBR-Device desktop Last-Modified Mon, 17 May 2021 16:18:54 GMT X-Frame-Options SAMEORIGIN Date Tue, 18 May 2021 01:27:59 GMT DBR-USER mozilla/5.0 (windows nt 10.0; win64; x64) applewebkit/537.36 (khtml, like gecko) chrome/89.0.4389.72 safari/537.36 Vary Accept-Encoding X-Download-Options noopen Content-Type application/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=1800 Transfer-Encoding chunked ETag W/"96435-1797b1f86e1" Set-Cookie UqZBpD3n3meIVhgUvjWvoX+iSfgHy5ZEY83MupSb=v1X9OGSQ__DeX; Path=/ Accept-Ranges bytes
GET H/1.1	200 OK	polyfills.6c4275ad25d099142998.bundle.js Show response www.posthaus.com.br/	8 KB 4 KB	1783ms 250ms	Script application/javascript	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/polyfills.6c4275ad25d099142998.bundle.js Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash 8f9a1388a03ba06718fbf74810ee05a707a63fe9c5dd677966c16e8e09900658 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.posthaus.com.br Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Connection keep-alive Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Age 392 Transfer-Encoding chunked DBR-Company posthaus X-DNS-Prefetch-Control off X-XSS-Protection 1; mode=block DBR-REFER https://www.posthaus.com.br/moda-praia/plus-size Access-Control-Allow-Origin * DBR-Device desktop Last-Modified Mon, 17 May 2021 17:03:31 GMT X-Frame-Options SAMEORIGIN Date Tue, 18 May 2021 01:21:28 GMT DBR-USER mozilla/5.0 (windows nt 10.0; win64; x64) applewebkit/537.36 (khtml, like gecko) chrome/90.0.4430.212 safari/537.36 Vary Accept-Encoding X-Download-Options noopen Content-Type application/javascript; charset=UTF-8 Via AX-CACHE-4.1:110 Cache-Control public, max-age=1800 ETag W/"1eed-1797b48604c" Accept-Ranges bytes
GET H/1.1	200 OK	vendors~app.css www.posthaus.com.br/	37 KB 8 KB	883ms 250ms	Stylesheet text/css	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/vendors~app.css Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash 0a6d05e41bd21192149153bbd7d29a9ecdbcf0c9f1454c6a995e2a95531d1d41 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.posthaus.com.br Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Connection keep-alive Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Age 367 Transfer-Encoding chunked DBR-Company posthaus X-DNS-Prefetch-Control off X-XSS-Protection 1; mode=block DBR-REFER https://www.posthaus.com.br/moda-feminina/short-cinza-feminino_art122214null Access-Control-Allow-Origin * DBR-Device desktop Last-Modified Mon, 17 May 2021 17:03:31 GMT X-Frame-Options SAMEORIGIN Date Tue, 18 May 2021 01:21:52 GMT DBR-USER mozilla/5.0 (compatible; pinterestbot/1.0; +http://www.pinterest.com/bot.html) Vary Accept-Encoding X-Download-Options noopen Content-Type text/css; charset=UTF-8 Via AX-CACHE-4.1:110 Cache-Control public, max-age=1800 ETag W/"9254-1797b486094" Accept-Ranges bytes
GET H/1.1	200 OK	vendors~app.f18d8c397ab7beada47c.chunk.js Show response www.posthaus.com.br/	591 KB 173 KB	1997ms 465ms	Script application/javascript	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/vendors~app.f18d8c397ab7beada47c.chunk.js Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash 770a272e2a5b29477724368f4c624a6dcd18a9e615c3f2942741cf8227e5c789 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.posthaus.com.br Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Connection keep-alive Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Age 388 Transfer-Encoding chunked DBR-Company posthaus X-DNS-Prefetch-Control off X-XSS-Protection 1; mode=block DBR-REFER https://www.posthaus.com.br/onesignalsdkworker.js Access-Control-Allow-Origin * DBR-Device desktop Last-Modified Mon, 17 May 2021 16:19:32 GMT X-Frame-Options SAMEORIGIN Date Tue, 18 May 2021 01:21:32 GMT DBR-USER mozilla/5.0 (windows nt 6.3; win64; x64) applewebkit/537.36 (khtml, like gecko) headlesschrome/87.0.4280.141 safari/537.36 edg/87.0.664.75 Vary Accept-Encoding X-Download-Options noopen Content-Type application/javascript; charset=UTF-8 Via AX-CACHE-4.1:110 Cache-Control public, max-age=1800 ETag W/"93d1f-1797b201dff" Accept-Ranges bytes
GET H/1.1	200 OK	home.cc6381fc87e835f9800d.chunk.js Show response www.posthaus.com.br/	15 KB 5 KB	2408ms 801ms	Script application/javascript	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/home.cc6381fc87e835f9800d.chunk.js Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash e7cba92c5732a720deb1544a69634c35bcabda987c8136541bc722741ca53fb7 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.posthaus.com.br Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Connection keep-alive Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Age 404 Transfer-Encoding chunked DBR-Company posthaus X-DNS-Prefetch-Control off X-XSS-Protection 1; mode=block DBR-REFER https://www.posthaus.com.br/moda-feminina/vestido-de-festa Access-Control-Allow-Origin * DBR-Device desktop Last-Modified Mon, 17 May 2021 16:19:20 GMT X-Frame-Options SAMEORIGIN Date Tue, 18 May 2021 01:21:16 GMT DBR-USER mozilla/5.0 (macintosh; intel mac os x 10_15_6) applewebkit/605.1.15 (khtml, like gecko) version/14.0.3 safari/605.1.15 Vary Accept-Encoding X-Download-Options noopen Content-Type application/javascript; charset=UTF-8 Via AX-CACHE-4.1:110 Cache-Control public, max-age=1800 ETag W/"3c6a-1797b1fec9c" Accept-Ranges bytes
GET H/1.1	200 OK	desk-home.cc6381fc87e835f9800d.chunk.js Show response www.posthaus.com.br/	19 KB 6 KB	2035ms 250ms	Script application/javascript	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/desk-home.cc6381fc87e835f9800d.chunk.js Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash 37b26f0db6b2ad0c4eb4ff9af81e783eae8fafb19b0875da91b32af457c315c2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.posthaus.com.br Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Connection keep-alive Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Age 410 Transfer-Encoding chunked DBR-Company posthaus X-DNS-Prefetch-Control off X-XSS-Protection 1; mode=block DBR-REFER https://www.posthaus.com.br/moda-feminina/vestido-decote-redondo-estampado_art215553?mkt=wgpshopuscoutros&utm_source=google&utm_medium=shopping&utm_campaign=wgpshopuscoutros&gclid=cjwkcajwqiifbhaheiwang9szs9rr1dgcgqjicf80bu2c8vikvafxatmwcyokliagvpujwubjytrtrochb4qavd_bwe Access-Control-Allow-Origin * DBR-Device desktop Last-Modified Mon, 17 May 2021 17:03:36 GMT X-Frame-Options SAMEORIGIN Date Tue, 18 May 2021 01:21:10 GMT DBR-USER mozilla/5.0 (windows nt 10.0; win64; x64) applewebkit/537.36 (khtml, like gecko) chrome/90.0.4430.212 safari/537.36 Vary Accept-Encoding X-Download-Options noopen Content-Type application/javascript; charset=UTF-8 Via AX-CACHE-4.1:110 Cache-Control public, max-age=1800 ETag W/"4d59-1797b48746a" Accept-Ranges bytes
GET H/1.1	200 OK	desk-product-list.296b7bee3d11422c549f.chunk.js Show response www.posthaus.com.br/	29 KB 9 KB	2292ms 252ms	Script application/javascript	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/desk-product-list.296b7bee3d11422c549f.chunk.js Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash e616ee2c88152f30033f18b849c80da97134836a22740955ca5a58161958c464 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.posthaus.com.br Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Connection keep-alive Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Age 384 Transfer-Encoding chunked DBR-Company posthaus X-DNS-Prefetch-Control off X-XSS-Protection 1; mode=block DBR-REFER https://www.posthaus.com.br/moda-feminina/vestido-de-pontas-estampado-lenco-rosa_art330128?utm_source=instagram&utm_medium=seminvestimento&utm_campaign=instashop&mkt=instashop&fbclid=iwar2-o0bura2zznq_oni-n26d_-ootkjgqzghglxpcc1oktjmah0vgejnvx8 Access-Control-Allow-Origin * DBR-Device desktop Last-Modified Mon, 17 May 2021 16:19:58 GMT X-Frame-Options SAMEORIGIN Date Tue, 18 May 2021 01:21:36 GMT DBR-USER facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) Vary Accept-Encoding X-Download-Options noopen Content-Type application/javascript; charset=UTF-8 Via AX-CACHE-4.1:110 Cache-Control public, max-age=1800 ETag W/"72d2-1797b2080bf" Accept-Ranges bytes
GET H/1.1	200 OK	product-details.28e63d697ca891b8a956.chunk.js Show response www.posthaus.com.br/	16 KB 6 KB	3086ms 250ms	Script application/javascript	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/product-details.28e63d697ca891b8a956.chunk.js Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash a3bf6a62e6905554d0049388e2a0b7b79d834fabc5d6565b3550a3b8154273a6 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.posthaus.com.br Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Connection keep-alive Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Age 385 Transfer-Encoding chunked DBR-Company posthaus X-DNS-Prefetch-Control off X-XSS-Protection 1; mode=block DBR-REFER https://www.posthaus.com.br/moda-feminina/vestido-de-pontas-estampado-lenco-rosa_art330128?utm_source=instagram&utm_medium=seminvestimento&utm_campaign=instashop&mkt=instashop&fbclid=iwar2-o0bura2zznq_oni-n26d_-ootkjgqzghglxpcc1oktjmah0vgejnvx8 Access-Control-Allow-Origin * DBR-Device desktop Last-Modified Mon, 17 May 2021 16:19:58 GMT X-Frame-Options SAMEORIGIN Date Tue, 18 May 2021 01:21:36 GMT DBR-USER facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) Vary Accept-Encoding X-Download-Options noopen Content-Type application/javascript; charset=UTF-8 Via AX-CACHE-4.1:110 Cache-Control public, max-age=1800 ETag W/"3e3f-1797b208106" Accept-Ranges bytes
GET H2	200	ic-navbar-logo.svg ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/	7 KB 3 KB	596ms 60ms	Image image/svg+xml	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ic-navbar-logo.svg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 69740dde1b2dcafc780b3b79e4f41ac98d5aeb282cda3f68d961aded4d0d2eb2 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT content-encoding gzip last-modified Thu, 27 Dec 2018 19:29:01 GMT server Apache vary Accept-Encoding, Accept-Encoding,User-Agent content-type image/svg+xml cache-control max-age=86400 accept-ranges bytes content-length 2614 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	ic-mastercard.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/	853 B 1 KB	598ms 62ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-mastercard.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 31dfb7610d826d312c1720e980234de2269bedb09591f134f87ab8d6840ccb6c Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 last-modified Mon, 07 Dec 2020 19:48:59 GMT server Apache age 0 etag "355-5b5e51dffe0c0" vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 853 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	ic-visa.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/	629 B 890 B	598ms 62ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-visa.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash fe8237cfa6bab4b205320dc57775dc118244de737cf5b08047359195f5a07f55 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 last-modified Mon, 07 Dec 2020 19:49:00 GMT server Apache age 0 etag "275-5b5e51e0f2300" vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 629 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	ic-amex.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/	534 B 795 B	599ms 63ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-amex.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 1bb39f2e41475075c585cf8a90bb256c35177f80036af0267f3a5d35385df576 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 last-modified Mon, 07 Dec 2020 19:48:54 GMT server Apache age 0 etag "216-5b5e51db39580" vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 534 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	ic-caixa.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/	876 B 1 KB	599ms 64ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-caixa.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 399c127003488f2737c0e966d2a6cabf25ec632a7e94bb087d4f2df67566d4c7 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 last-modified Mon, 07 Dec 2020 19:48:55 GMT server Apache age 0 servidor Loghaus S-Cache-BNU-CDN01 vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 876 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	ic-hipercard.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/	771 B 1 KB	600ms 65ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-hipercard.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash e444e8744871fda2c920b0526bd9eaee33660153dbe548cd5df4055d970b8d78 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 last-modified Wed, 25 Jul 2018 19:05:44 GMT server Apache age 0 etag "303-571d790c09200" vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 771 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	ic-elo.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/	781 B 1 KB	108ms 62ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-elo.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash fe145141adf7a295eb02f9ea18fdeb289330ce47fb5837927272ac21b6da4bbc Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 last-modified Mon, 07 Dec 2020 19:48:56 GMT server Apache age 0 etag "30d-5b5e51dd21a00" vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 781 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	ic-discover.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/	762 B 1 KB	109ms 62ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-discover.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 37756fc4581c844e472ce599eb9ef847b6a668fadfaef9599b7ea9afceb54f46 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 dbrhttps TRUE last-modified Mon, 07 Dec 2020 19:48:55 GMT server Apache age 0 etag "2fa-5b5e51dc2d7c0" vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 762 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	img-reclame-aqui.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/	1 KB 1 KB	106ms 63ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-reclame-aqui.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 7e140f35e7c47baaf574e9321f534de355df62e958841f1900fe62e8cab897ec Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 last-modified Mon, 07 Dec 2020 19:49:01 GMT server Apache age 0 servidor Loghaus S-Cache-BNU-CDN01 vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 1152 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	img-ebit.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/	1 KB 1 KB	107ms 64ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-ebit.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 7b5702e19970ce41380ca449d54519f428482977c78275255e909046ae97c445 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 last-modified Mon, 07 Dec 2020 19:49:00 GMT server Apache age 0 etag "473-5b5e51e0f2300" vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 1139 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	img-go-daddy.jpg ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/	3 KB 3 KB	111ms 68ms	Image image/jpeg	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-go-daddy.jpg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 8e77aa0c8ce495b82e8c0cdb2da40716a5c84ab66a1ecf2e2b1adce2341da931 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 dbrhttps TRUE last-modified Tue, 26 May 2020 14:25:14 GMT server Apache age 0 etag "bc6-5a68ddd21398d" vary User-Agent content-type image/jpeg cache-control max-age=86400 accept-ranges bytes content-length 3014 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	ic-facebook.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/	197 B 457 B	112ms 69ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-facebook.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 42163a7c55b8f00f4276c06c1b47118dff268c8027b9b436efe5be5fbdd30cbe Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 last-modified Mon, 07 Dec 2020 19:48:56 GMT server Apache age 0 etag "c5-5b5e51dd21a00" vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 197 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:01 GMT
GET H2	200	ic-instagram.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/	3 KB 3 KB	113ms 70ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-instagram.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 1df1bedfc6649bf041238e418e2b67864dfa1905e57e6ff05a60381726413940 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:01 GMT via AX-CACHE-4.1:113 last-modified Mon, 07 Dec 2020 19:48:58 GMT server Apache age 0 etag "c9f-5b5e51df09e80" vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 3231 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:01 GMT
GET DATA	200 OK	truncated /	16 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24333fd1c10e2127184a4a8fa0552b3341720b3289c15dbfe0146fe8b4a29892 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	17 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3739254e267a5f9d7f1a73e7fcc4beb47c2eca194e3334519a078d9ba96f211d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	mem5YaGs126MiZpBA-UNirkOUuhp.woff2 fonts.gstatic.com/s/opensans/v18/	15 KB 15 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.posthaus.com.br Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 10:03:38 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:47 GMT server sffe age 141862 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14880 x-xss-protection 0 expires Mon, 16 May 2022 10:03:38 GMT
GET H3-29	200	mem8YaGs126MiZpBA-UFVZ0b.woff2 fonts.gstatic.com/s/opensans/v18/	14 KB 14 KB	15ms 13ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.posthaus.com.br Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 11 May 2021 01:50:37 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:22 GMT server sffe age 603443 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14380 x-xss-protection 0 expires Wed, 11 May 2022 01:50:37 GMT
GET H3-29	200	mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 fonts.gstatic.com/s/opensans/v18/	15 KB 15 KB	19ms 17ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.posthaus.com.br Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 11 May 2021 20:40:38 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:11:00 GMT server sffe age 535642 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15056 x-xss-protection 0 expires Wed, 11 May 2022 20:40:38 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff2 www.posthaus.com.br/assets/fonts/	75 KB 76 KB	484ms 251ms	Font font/woff2	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/assets/fonts/fontawesome-webfont.woff2 Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/vendors~app.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://www.posthaus.com.br Accept-Encoding gzip, deflate, br Host www.posthaus.com.br Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest font Referer https://www.posthaus.com.br/vendors~app.css Connection keep-alive Origin https://www.posthaus.com.br Referer https://www.posthaus.com.br/vendors~app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; includeSubDomains DBR-USER mozilla/5.0 (windows nt 10.0; win64; x64) applewebkit/537.36 (khtml, like gecko) chrome/90.0.4430.212 safari/537.36 X-Content-Type-Options nosniff Age 385 X-DNS-Prefetch-Control off DBR-Company posthaus Content-Length 77160 X-XSS-Protection 1; mode=block DBR-REFER https://www.posthaus.com.br/vendors~app.css?__wb_revision__=f18d8c397ab7beada47c Access-Control-Allow-Origin * DBR-Device desktop Last-Modified Mon, 17 May 2021 17:03:36 GMT Date Tue, 18 May 2021 01:21:37 GMT X-Download-Options noopen X-Frame-Options SAMEORIGIN Content-Type font/woff2 Via AX-CACHE-4.1:110 Cache-Control public, max-age=1800 ETag W/"12d68-1797b487468" Accept-Ranges bytes
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/vendors~app.f18d8c397ab7beada47c.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 3670 date Tue, 18 May 2021 00:26:52 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Tue, 18 May 2021 02:26:52 GMT
GET H3-29	200	gtm.js Show response www.googletagmanager.com/	255 KB 69 KB	41ms 30ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T4KNHML&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash dd2bdd266465caa0446a1b3bb95c3a97072a447ed3a10033313d58ecfeb0297e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:02 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70758 x-xss-protection 0 last-modified Tue, 18 May 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 18 May 2021 01:28:02 GMT
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	54ms 14ms	Script application/javascript	2606:4700::6812:e234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/app.2aa0b421e8f1cfe53133.bundle.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:02 GMT content-encoding gzip cf-cache-status HIT server cloudflare age 1473 etag W/"5404400d01d5519bc4a10316e7ed5c9b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 65114e789cc02ba1-FRA cf-request-id 0a1eaf5f5e00002ba181180000000001 expires Fri, 21 May 2021 01:28:02 GMT
GET H/1.1	200 OK	vendors~desk-home~home.56a60e86694745efdfcf.chunk.js Show response www.posthaus.com.br/	59 KB 20 KB	257ms 256ms	Script application/javascript	177.101.99.110 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://www.posthaus.com.br/vendors~desk-home~home.56a60e86694745efdfcf.chunk.js Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/app.2aa0b421e8f1cfe53133.bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.110 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software / Resource Hash 3eae0c283f0c134e5b38070d93fc73b6d371eaab8fe22e133b6936a6e23728d4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.posthaus.com.br Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Connection keep-alive Referer https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Age 3 Transfer-Encoding chunked DBR-Company posthaus X-DNS-Prefetch-Control off X-XSS-Protection 1; mode=block DBR-REFER https://www.posthaus.com.br/?awc=17634_1621301271_d71611cc339adaf4b46772a943dd9e6a&lnk=1458_0_0_0&ordprd=6&utm_source=zanox&utm_medium=afiliadosexternos&utm_campaign=linktexto&mkt=zanox054&utm_term=http%3a%2f%2fdecoracao.com Access-Control-Allow-Origin * DBR-Device desktop Last-Modified Mon, 17 May 2021 16:19:58 GMT X-Frame-Options SAMEORIGIN Date Tue, 18 May 2021 01:27:59 GMT DBR-USER mozilla/5.0 (windows nt 10.0; win64; x64) applewebkit/537.36 (khtml, like gecko) chrome/76.0.3809.71 safari/537.36 Vary Accept-Encoding X-Download-Options noopen Content-Type application/javascript; charset=UTF-8 Via AX-CACHE-4.1:110 Cache-Control public, max-age=1800 ETag W/"ecdc-1797b208068" Accept-Ranges bytes
GET H3-29	200	ecommerce.js Show response www.google-analytics.com/plugins/ua/	1 KB 761 B	11ms 7ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ecommerce.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:20:43 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 439 vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 738 x-xss-protection 0 expires Tue, 18 May 2021 02:20:43 GMT
GET H3-29	200	js Show response www.google-analytics.com/gtm/	87 KB 34 KB	23ms 23ms	Script application/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-5XLVWG6&cid=882156496.1621301283 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fb6d269b17f297118aa7e277044a9a5718f359dee396df9eb4c48349b52f5793 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:02 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35106 x-xss-protection 0 last-modified Tue, 18 May 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 18 May 2021 01:28:02 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	92 KB 24 KB	39ms 15ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 23959 x-fb-rlafr 0 pragma public x-fb-debug QYxPxJygPfQ+q2xnGOqu/Nx2LfzIptDUZtDkQkGJ7o3DJjiNz3kM4gP/ObexEqWcLJdrwJTF0L9ErtmYuPpLVg== x-fb-trip-id 686109401 x-frame-options DENY date Tue, 18 May 2021 01:28:03 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	tag.js Show response cdn.pmweb.com.br/df/	17 KB 7 KB	1054ms 258ms	Script application/javascript	54.207.91.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pmweb.com.br/df/tag.js?id=PM-NW3T6C Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.207.91.207 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-207-91-207.sa-east-1.compute.amazonaws.com Software nginx / Resource Hash 1b2827f1b0e9b11ea1ef8b0ecdede04685530763d85e6c8d3e4d70de45b4ccb9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 18 May 2021 01:28:03 GMT Content-Encoding gzip Last-Modified Thu, 13 May 2021 22:18:59 GMT Server nginx ETag W/"609da5d3-444f" Vary Accept-Encoding Connection keep-alive Content-Type application/javascript Cache-Control max-age=300 Strict-Transport-Security max-age=31536000; includeSubdomains; preload Content-Length 6919 Expires Tue, 18 May 2021 01:33:03 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	36 KB 14 KB	212ms 76ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4KNHML&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14057 x-xss-protection 0 server cafe etag 15306424688967737279 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 18 May 2021 01:28:03 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	5 KB 2 KB	3247ms 105ms	Script application/javascript	151.101.12.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:06 GMT via 1.1 varnish last-modified Fri, 04 Dec 2020 00:21:46 GMT age 5321 etag "cbc512946c8abb461c6215ed5b454e5f+gzip" vary Accept-Encoding,Host x-cache HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" content-encoding gzip cache-control no-cache accept-ranges bytes content-type application/javascript; charset=utf-8 content-length 1957 x-timer S1621301286.273738,VS0,VE0 x-served-by cache-fra19139-FRA
GET H2	200	bat.js Show response bat.bing.com/	30 KB 9 KB	105ms 30ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:02 GMT content-encoding gzip last-modified Tue, 13 Apr 2021 17:21:02 GMT x-msedge-ref Ref A: 8FE860A82D9B4E9DB918FBCCFBF5EF7D Ref B: FRAEDGE1212 Ref C: 2021-05-18T01:28:03Z etag "0d398608930d71:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 accept-ranges bytes content-length 8910
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	113 KB 32 KB	15580ms 239ms	Script application/javascript	2.16.186.162 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C24Q4CFMU8Q03RAI27R0&lib=ttq Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 12c6778483f156dc6b52fb70601be43f21a09ae04fafdf977b5d3b2aff7b8ea3 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-akamai-request-id 2313206a.34ab8e7f date Tue, 18 May 2021 01:28:18 GMT content-encoding gzip x-cache-remote TCP_MISS from a184-28-72-53.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a2-16-186-158.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-) x-parent-response-time 159,2.16.186.158 server-timing cdn-cache; desc=MISS, edge; dur=154, origin; dur=5, inner; dur=0 pragma no-cache server nginx x-tt-logid 20210518012818010236040158386D158F vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 6,184.28.72.53 expires Tue, 18 May 2021 01:28:18 GMT
GET H2	200	md5.min.js Show response cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/	4 KB 2 KB	21ms 19ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4KNHML&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 2137382 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1339 cf-request-id 0a1eaf610600002c01bd89a000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:06:35 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03d8b-eb6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BFulT%2Bo2lhoZamDpXBWDqXDYNOri8K9XdTHk79rohODp6WMpBLfkWJG3AGcY10CfS45lDNVm%2BfKU2xhiUGdON6fjoM4Mf1qyry5jJAtKndmgzUino4MHkQHPb4FB8AjRjQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 65114e7b3d0c2c01-FRA expires Sun, 08 May 2022 01:28:03 GMT
GET H2	200	tagtag.min.js Show response www.artfut.com/static/	3 KB 2 KB	93ms 24ms	Script application/javascript	2606:4700:20::681a:16d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4KNHML&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 671 cf-request-id 0a1eaf614c0000dffb9eaa5000000001 pragma public last-modified Mon, 21 Sep 2020 11:48:28 GMT server cloudflare etag W/"5f68930c-cb0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PAeYVDtC0%2Fws26FYCBmH92gqMer6ade1gVvlvLgiBmG%2FRX6%2FsMptHFEd9bjrb5l93zVOTkvOw93xLbTZiKsOulVtiKK8kdQ%2Bi8THnn3DkyPUJvHmkXqX4Qw8qQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1200, public cf-ray 65114e7ba99ddffb-FRA expires Tue, 18 May 2021 01:36:52 GMT
GET H3-29	200	1464688870412041 Show response connect.facebook.net/signals/config/	255 KB 72 KB	72ms 64ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1464688870412041?v=2.9.39&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e122ee487eb29692425bb11be33243bdfcdaee0e4cb204d625fbbd9612346c10 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-fb-rlafr 0 pragma public x-fb-debug DFBFjrUFwB3cBCh5arNbVWWxAwPPmgtO7gQzXOFVeNCPxAocthR9sjHG7bBYuszS4WJu6B3ThbKu616B7bSsLw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Tue, 18 May 2021 01:28:03 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tracking.min.js Show response www.artfut.com/static/	26 KB 7 KB	13ms 12ms	Script application/javascript	2606:4700:20::681a:16d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.artfut.com/static/tracking.min.js Requested by Host: www.artfut.com URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 150 cf-request-id 0a1eaf61760000dffb72a8f000000001 pragma public last-modified Mon, 21 Sep 2020 11:48:28 GMT server cloudflare etag W/"5f68930c-686e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UqYXSYvE%2FHJwM0ZF3HHXKPRdTPg6etTveo8pmHyYgZ1GxRhqpgb63QTu3yS3QQdgeWTYze327JUJ0961XyfaJePJz2XnumZbDQMs35tXNmFC4N79ghHKnr%2F6xg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1200, public cf-ray 65114e7be9e2dffb-FRA expires Tue, 18 May 2021 01:45:33 GMT
GET H2	200	crossdevice.min.js Show response www.artfut.com/static/	25 KB 8 KB	21ms 19ms	Script application/javascript	2606:4700:20::681a:16d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.artfut.com/static/crossdevice.min.js Requested by Host: www.artfut.com URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 187 cf-request-id 0a1eaf61770000dffb5aa18000000001 pragma public last-modified Mon, 21 Sep 2020 11:48:27 GMT server cloudflare etag W/"5f68930b-655c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WDNvUVm4mYMswqRk3asy9ZHwToNH%2FNEqsbHltJDMzYeVDK0Y2w1AT5iE%2BVjtOOR7lUsspflXxguHBFCrvk97ml0xQSoYCk8p7I6EBXC%2FmG%2FF5D55BgpDTrwPig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1200, public cf-ray 65114e7bf9e5dffb-FRA expires Tue, 18 May 2021 01:44:56 GMT
GET H2	204	4074602 Show response bat.bing.com/p/action/	0 150 B	147ms 145ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/4074602 Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ARR/3.0 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 18 May 2021 01:28:03 GMT cache-control private,max-age=86400 x-msedge-ref Ref A: 45C99654AEEB43F8B0A8F28903E995A9 Ref B: FRAEDGE1212 Ref C: 2021-05-18T01:28:03Z x-powered-by ARR/3.0 x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 149 B	29ms 28ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=4074602&Ver=2&mid=64ff3ad0-5cfb-4c36-9553-3a5e81d4d39a&sid=4a19f300b77811ebacaaad78a5b913c4&vid=4a1d4fd0b77811eb8ffcf50abea71489&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Posthaus,%20Moda%20Feminina,%20Blusas,%20Vestidos%20e%20mais!&p=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&r=&lt=12861&evt=pageLoad&msclkid=N&sv=1&rn=239012 Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * pragma no-cache date Tue, 18 May 2021 01:28:02 GMT cache-control no-cache, must-revalidate x-msedge-ref Ref A: 9B8352CBB4944C898595379F195E8F2F Ref B: FRAEDGE1212 Ref C: 2021-05-18T01:28:03Z x-cache CONFIG_NOCACHE expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/	3 KB 1 KB	31ms 16ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/?random=1621301283379&cv=9&fst=1621301283379&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&tiba=Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c19ae13ff1f5e2b246df98bc308fa799d077da7170ac85fc870362ef8eec6bb2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:03 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1209 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 362 B	9ms 7ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1464688870412041&ev=PageView&dl=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&rl=&if=false&ts=1621301283439&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.2.1621301283431.946982344&it=1621301283161&coo=false&exp=l1&rqm=GET Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 18 May 2021 01:28:03 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	4 B 24 B	13ms 13ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j90&a=979965106&t=pageview&_s=1&dl=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&dp=%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&ul=en-us&de=UTF-8&dt=Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20mais!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEITQAAAAC~&jid=704855244&gjid=1579597088&cid=882156496.1621301283&tid=UA-1640709-1&_gid=1468657763.1621301283&_r=1&_slc=1&z=1530634799 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 18 May 2021 01:28:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.posthaus.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response ipv4.icanhazip.com/	15 B 450 B	659ms 55ms	XHR text/plain	172.67.9.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ipv4.icanhazip.com/ Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/vendors~app.f18d8c397ab7beada47c.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.9.138 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6419a639f48f0423e950843a4390f7a1259b1d8f3177e0df8e4c93403fcd666e Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:04 GMT server cloudflare x-rtfm Learn about this site at http://bit.ly/icanhazip-faq expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET content-type text/plain access-control-allow-origin * x-thank-you Many thanks to the fine people at Cloudflare for keeping this site afloat! x-otter 🦦 cf-ray 65114e81a986c2c2-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15 cf-request-id 0a1eaf650e0000c2c2ed0c3000000001
GET H2	200	ld.js Show response static.criteo.net/js/ld/	36 KB 12 KB	70ms 22ms	Script text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/ld.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4KNHML&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 78dc1d813da12c0a30b5f00242c82b9cd577771cf689d3d1061fea6cc9613cc0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT content-encoding gzip last-modified Wed, 07 Apr 2021 11:44:21 GMT server nginx etag W/"606d9b15-9076" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 19 May 2021 01:28:03 GMT
OPTIONS		/ ws-ph.ecosweb.com.br/rest/shopping/addCampaignWithoutWarn/v1/ Frame	0 0
POST		/ ws-ph.ecosweb.com.br/rest/shopping/addCampaignWithoutWarn/v1/	0 0
GET H/1.1	200 OK	/ Show response ws-ph.ecosweb.com.br/rest/products/autocomplete/v10/	12 B 543 B	495ms 256ms	XHR application/json	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/products/autocomplete/v10/?relativeURL=%2Fbusca%3Fpalavra%3D Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/vendors~app.f18d8c397ab7beada47c.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash eef46741adfc3a9f76294d3b78f37a45f113092ac9d44ee77c7a038a88ff09a1 Request headers Accept application/json, text/plain, */* Referer https://www.posthaus.com.br/ anonymous 0bf70ffb-de02-4ab8-a4c0-248f5daee3dd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Authorization eyJhbGciOiJIUzUxMiJ9.eyJqdGkiOiIwMWVhYTdhYi1iYWRkLTQ0OGMtYmU5Mi1mMjUzNTkzMTljZDQiLCJpYXQiOjE1NjUzNDgwNzksInN1YiI6IntcInBhc3N3b3JkXCI6XCJkYnI0MTAyXCIsXCJzeXN0ZW1cIjpcImRza1wiLFwiaWRDb21wYW55XCI6XCIxMlwiLFwidXNlclwiOlwiZGJyNDEwMlwifSIsImlzcyI6IjEyIiwiYXVkIjoid3MucmVzdC5hcHAifQ.xu8iGoKwk3gKTM_SHiGMS1mRiTXJMck-GT3x8C4pkRqEjVxI6BykYIZjgzKXK2YbAckbKbJ3IaxoemTmO9WC9Q Response headers Date Tue, 18 May 2021 01:27:05 GMT Via AX-CACHE-4.1:63 Server Apache-Coyote/1.1 Age 70 Content-Type application/json Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Credentials,Access-Control-Max-Age,Access-Control-Allow-Headers,AMP-Same-Origin Access-Control-Allow-Credentials true Content-Length 12
GET H/1.1	200 OK	/ ws-ph.ecosweb.com.br/rest/store/home/v10/	4 KB 4 KB	688ms 254ms	XHR application/json	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/store/home/v10/ Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/vendors~app.f18d8c397ab7beada47c.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Accept application/json, text/plain, */* Referer https://www.posthaus.com.br/ anonymous 0bf70ffb-de02-4ab8-a4c0-248f5daee3dd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Authorization eyJhbGciOiJIUzUxMiJ9.eyJqdGkiOiIwMWVhYTdhYi1iYWRkLTQ0OGMtYmU5Mi1mMjUzNTkzMTljZDQiLCJpYXQiOjE1NjUzNDgwNzksInN1YiI6IntcInBhc3N3b3JkXCI6XCJkYnI0MTAyXCIsXCJzeXN0ZW1cIjpcImRza1wiLFwiaWRDb21wYW55XCI6XCIxMlwiLFwidXNlclwiOlwiZGJyNDEwMlwifSIsImlzcyI6IjEyIiwiYXVkIjoid3MucmVzdC5hcHAifQ.xu8iGoKwk3gKTM_SHiGMS1mRiTXJMck-GT3x8C4pkRqEjVxI6BykYIZjgzKXK2YbAckbKbJ3IaxoemTmO9WC9Q Response headers Date Tue, 18 May 2021 01:20:12 GMT Via AX-CACHE-4.1:63 Server Apache-Coyote/1.1 Age 487 Content-Type application/json Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Credentials,Access-Control-Max-Age,Access-Control-Allow-Headers,AMP-Same-Origin Access-Control-Allow-Credentials true Content-Length 4008
GET H/1.1	200 OK	/ Show response ws-ph.ecosweb.com.br/rest/shopping/quantityshoppingcart/v1/	26 B 518 B	613ms 359ms	XHR application/json	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/shopping/quantityshoppingcart/v1/ Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/vendors~app.f18d8c397ab7beada47c.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash fe8a41e50211389f086c3697256e2032d68d6dc4e386656640618cecf772bb95 Request headers Accept application/json, text/plain, */* Referer https://www.posthaus.com.br/ anonymous 0bf70ffb-de02-4ab8-a4c0-248f5daee3dd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Authorization eyJhbGciOiJIUzUxMiJ9.eyJqdGkiOiIwMWVhYTdhYi1iYWRkLTQ0OGMtYmU5Mi1mMjUzNTkzMTljZDQiLCJpYXQiOjE1NjUzNDgwNzksInN1YiI6IntcInBhc3N3b3JkXCI6XCJkYnI0MTAyXCIsXCJzeXN0ZW1cIjpcImRza1wiLFwiaWRDb21wYW55XCI6XCIxMlwiLFwidXNlclwiOlwiZGJyNDEwMlwifSIsImlzcyI6IjEyIiwiYXVkIjoid3MucmVzdC5hcHAifQ.xu8iGoKwk3gKTM_SHiGMS1mRiTXJMck-GT3x8C4pkRqEjVxI6BykYIZjgzKXK2YbAckbKbJ3IaxoemTmO9WC9Q Response headers Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Credentials,Access-Control-Max-Age,Access-Control-Allow-Headers,AMP-Same-Origin Access-Control-Allow-Credentials true Server Apache-Coyote/1.1 Date Tue, 18 May 2021 01:28:16 GMT Content-Length 26 Content-Type application/json
GET H/1.1	200 OK	/ Show response ws-ph.ecosweb.com.br/rest/store/banner/benefit/v10/	222 B 754 B	612ms 270ms	XHR application/json	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/store/banner/benefit/v10/?relativeURL=%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/vendors~app.f18d8c397ab7beada47c.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash d6f720b661f77adeda24ec846217d6b0a410740ee6213d1a1a1ba1706be5ced2 Request headers Accept application/json, text/plain, */* Referer https://www.posthaus.com.br/ anonymous 0bf70ffb-de02-4ab8-a4c0-248f5daee3dd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Authorization eyJhbGciOiJIUzUxMiJ9.eyJqdGkiOiIwMWVhYTdhYi1iYWRkLTQ0OGMtYmU5Mi1mMjUzNTkzMTljZDQiLCJpYXQiOjE1NjUzNDgwNzksInN1YiI6IntcInBhc3N3b3JkXCI6XCJkYnI0MTAyXCIsXCJzeXN0ZW1cIjpcImRza1wiLFwiaWRDb21wYW55XCI6XCIxMlwiLFwidXNlclwiOlwiZGJyNDEwMlwifSIsImlzcyI6IjEyIiwiYXVkIjoid3MucmVzdC5hcHAifQ.xu8iGoKwk3gKTM_SHiGMS1mRiTXJMck-GT3x8C4pkRqEjVxI6BykYIZjgzKXK2YbAckbKbJ3IaxoemTmO9WC9Q Response headers Date Tue, 18 May 2021 01:28:16 GMT Via AX-CACHE-4.1:63 Server Apache-Coyote/1.1 Age 0 Content-Type application/json Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Credentials,Access-Control-Max-Age,Access-Control-Allow-Headers,AMP-Same-Origin Access-Control-Allow-Credentials true Content-Length 222
GET H/1.1	200 OK	v10 Show response ws-ph.ecosweb.com.br/rest/showCase/	36 KB 37 KB	394ms 291ms	XHR application/json	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/showCase/v10?page=home&position=0 Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/vendors~app.f18d8c397ab7beada47c.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash 8aa6fa67fd3f84696a6801f8913fa43767ff13bf5734862c1eedcaa0d8ff5893 Request headers Accept application/json, text/plain, */* Referer https://www.posthaus.com.br/ anonymous 0bf70ffb-de02-4ab8-a4c0-248f5daee3dd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Authorization eyJhbGciOiJIUzUxMiJ9.eyJqdGkiOiIwMWVhYTdhYi1iYWRkLTQ0OGMtYmU5Mi1mMjUzNTkzMTljZDQiLCJpYXQiOjE1NjUzNDgwNzksInN1YiI6IntcInBhc3N3b3JkXCI6XCJkYnI0MTAyXCIsXCJzeXN0ZW1cIjpcImRza1wiLFwiaWRDb21wYW55XCI6XCIxMlwiLFwidXNlclwiOlwiZGJyNDEwMlwifSIsImlzcyI6IjEyIiwiYXVkIjoid3MucmVzdC5hcHAifQ.xu8iGoKwk3gKTM_SHiGMS1mRiTXJMck-GT3x8C4pkRqEjVxI6BykYIZjgzKXK2YbAckbKbJ3IaxoemTmO9WC9Q Response headers Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Credentials,Access-Control-Max-Age,Access-Control-Allow-Headers,AMP-Same-Origin Access-Control-Allow-Credentials true Server Apache-Coyote/1.1 Date Tue, 18 May 2021 01:28:15 GMT Transfer-Encoding chunked Content-Type application/json
GET H/1.1	200 OK	v10 ws-ph.ecosweb.com.br/rest/showCase/	39 KB 0	880ms 363ms	XHR application/json	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/showCase/v10?page=home&position=1 Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/vendors~app.f18d8c397ab7beada47c.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Accept application/json, text/plain, */* Referer https://www.posthaus.com.br/ anonymous 0bf70ffb-de02-4ab8-a4c0-248f5daee3dd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Authorization eyJhbGciOiJIUzUxMiJ9.eyJqdGkiOiIwMWVhYTdhYi1iYWRkLTQ0OGMtYmU5Mi1mMjUzNTkzMTljZDQiLCJpYXQiOjE1NjUzNDgwNzksInN1YiI6IntcInBhc3N3b3JkXCI6XCJkYnI0MTAyXCIsXCJzeXN0ZW1cIjpcImRza1wiLFwiaWRDb21wYW55XCI6XCIxMlwiLFwidXNlclwiOlwiZGJyNDEwMlwifSIsImlzcyI6IjEyIiwiYXVkIjoid3MucmVzdC5hcHAifQ.xu8iGoKwk3gKTM_SHiGMS1mRiTXJMck-GT3x8C4pkRqEjVxI6BykYIZjgzKXK2YbAckbKbJ3IaxoemTmO9WC9Q Response headers Date Tue, 18 May 2021 01:28:21 GMT Server Apache-Coyote/1.1 Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Credentials,Access-Control-Max-Age,Access-Control-Allow-Headers,AMP-Same-Origin Access-Control-Allow-Credentials true Connection close
GET H/1.1	200 OK	v10 ws-ph.ecosweb.com.br/rest/showCase/	7 KB 0	632ms 266ms	XHR application/json	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/showCase/v10?page=home&position=2 Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/vendors~app.f18d8c397ab7beada47c.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Accept application/json, text/plain, */* Referer https://www.posthaus.com.br/ anonymous 0bf70ffb-de02-4ab8-a4c0-248f5daee3dd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Authorization eyJhbGciOiJIUzUxMiJ9.eyJqdGkiOiIwMWVhYTdhYi1iYWRkLTQ0OGMtYmU5Mi1mMjUzNTkzMTljZDQiLCJpYXQiOjE1NjUzNDgwNzksInN1YiI6IntcInBhc3N3b3JkXCI6XCJkYnI0MTAyXCIsXCJzeXN0ZW1cIjpcImRza1wiLFwiaWRDb21wYW55XCI6XCIxMlwiLFwidXNlclwiOlwiZGJyNDEwMlwifSIsImlzcyI6IjEyIiwiYXVkIjoid3MucmVzdC5hcHAifQ.xu8iGoKwk3gKTM_SHiGMS1mRiTXJMck-GT3x8C4pkRqEjVxI6BykYIZjgzKXK2YbAckbKbJ3IaxoemTmO9WC9Q Response headers Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Credentials,Access-Control-Max-Age,Access-Control-Allow-Headers,AMP-Same-Origin Access-Control-Allow-Credentials true Server Apache-Coyote/1.1 Date Tue, 18 May 2021 01:28:16 GMT Transfer-Encoding chunked Content-Type application/json
GET		v10 ws-ph.ecosweb.com.br/rest/showCase/lastViewed/	0 0
OPTIONS H/1.1	200 OK	/ ws-ph.ecosweb.com.br/rest/products/autocomplete/v10/ Frame	0 0	16407ms 253ms	Preflight	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/products/autocomplete/v10/?relativeURL=%2Fbusca%3Fpalavra%3D Protocol HTTP/1.1 Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers anonymous,authorization Origin https://www.posthaus.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Server Apache-Coyote/1.1 Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Allow-Credentials true Access-Control-Max-Age 10 Access-Control-Allow-Methods GET Access-Control-Allow-Headers referer,amp-access-control-allow-source-origin,origin,amp-same-origin,save-data,x-forwarded-for,login,access-control-request-method,accept,access-control-allow-origin,authorization,x-requested-with,access-control-request-headers,anonymous,content-type,user-agent Content-Length 0 Date Tue, 18 May 2021 01:28:15 GMT Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin
OPTIONS H/1.1	200 OK	/ ws-ph.ecosweb.com.br/rest/store/home/v10/ Frame	0 0	16639ms 486ms	Preflight	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/store/home/v10/ Protocol HTTP/1.1 Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers anonymous,authorization Origin https://www.posthaus.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Server Apache-Coyote/1.1 Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Allow-Credentials true Access-Control-Max-Age 10 Access-Control-Allow-Methods GET Access-Control-Allow-Headers referer,amp-access-control-allow-source-origin,origin,amp-same-origin,save-data,x-forwarded-for,login,access-control-request-method,accept,access-control-allow-origin,authorization,x-requested-with,access-control-request-headers,anonymous,content-type,user-agent Content-Length 0 Date Tue, 18 May 2021 01:28:15 GMT Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin
OPTIONS H/1.1	200 OK	/ ws-ph.ecosweb.com.br/rest/shopping/quantityshoppingcart/v1/ Frame	0 0	16557ms 253ms	Preflight	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/shopping/quantityshoppingcart/v1/ Protocol HTTP/1.1 Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers anonymous,authorization Origin https://www.posthaus.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Server Apache-Coyote/1.1 Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Allow-Credentials true Access-Control-Max-Age 10 Access-Control-Allow-Methods GET Access-Control-Allow-Headers referer,amp-access-control-allow-source-origin,origin,amp-same-origin,save-data,x-forwarded-for,login,access-control-request-method,accept,access-control-allow-origin,authorization,x-requested-with,access-control-request-headers,anonymous,content-type,user-agent Content-Length 0 Date Tue, 18 May 2021 01:28:20 GMT Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin
OPTIONS H/1.1	200 OK	/ ws-ph.ecosweb.com.br/rest/store/banner/benefit/v10/ Frame	0 0	16558ms 254ms	Preflight	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/store/banner/benefit/v10/?relativeURL=%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com Protocol HTTP/1.1 Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers anonymous,authorization Origin https://www.posthaus.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Server Apache-Coyote/1.1 Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Allow-Credentials true Access-Control-Max-Age 10 Access-Control-Allow-Methods GET Access-Control-Allow-Headers referer,amp-access-control-allow-source-origin,origin,amp-same-origin,save-data,x-forwarded-for,login,access-control-request-method,accept,access-control-allow-origin,authorization,x-requested-with,access-control-request-headers,anonymous,content-type,user-agent Content-Length 0 Date Tue, 18 May 2021 01:28:19 GMT Connection close Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin
OPTIONS H/1.1	200 OK	v10 ws-ph.ecosweb.com.br/rest/showCase/ Frame	0 0	16556ms 252ms	Preflight	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/showCase/v10?page=home&position=0 Protocol HTTP/1.1 Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers anonymous,authorization Origin https://www.posthaus.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Server Apache-Coyote/1.1 Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Allow-Credentials true Access-Control-Max-Age 10 Access-Control-Allow-Methods GET Access-Control-Allow-Headers referer,amp-access-control-allow-source-origin,origin,amp-same-origin,save-data,x-forwarded-for,login,access-control-request-method,accept,access-control-allow-origin,authorization,x-requested-with,access-control-request-headers,anonymous,content-type,user-agent Content-Length 0 Date Tue, 18 May 2021 01:28:15 GMT Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin
GET H2	200	img-cadastro-posthaus.jpg ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/	73 KB 73 KB	70ms 61ms	Image image/jpeg	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-cadastro-posthaus.jpg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 42aff258c3bf0c77655a77d4600a99018bd330e0f1257c61a45ff9b7c30c1127 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT via AX-CACHE-4.1:113 last-modified Tue, 04 May 2021 14:12:48 GMT server Apache age 0 servidor Loghaus S-Cache-BNU-CDN01 vary User-Agent content-type image/jpeg cache-control max-age=86400 accept-ranges bytes content-length 74517 expires Wed, 19 May 2021 01:28:03 GMT
OPTIONS H/1.1	200 OK	v10 ws-ph.ecosweb.com.br/rest/showCase/ Frame	0 0	16660ms 254ms	Preflight	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/showCase/v10?page=home&position=1 Protocol HTTP/1.1 Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers anonymous,authorization Origin https://www.posthaus.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Server Apache-Coyote/1.1 Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Allow-Credentials true Access-Control-Max-Age 10 Access-Control-Allow-Methods GET Access-Control-Allow-Headers referer,amp-access-control-allow-source-origin,origin,amp-same-origin,save-data,x-forwarded-for,login,access-control-request-method,accept,access-control-allow-origin,authorization,x-requested-with,access-control-request-headers,anonymous,content-type,user-agent Content-Length 0 Date Tue, 18 May 2021 01:28:15 GMT Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin
OPTIONS H/1.1	200 OK	v10 ws-ph.ecosweb.com.br/rest/showCase/ Frame	0 0	16811ms 251ms	Preflight	177.101.99.63 Unifique Telecomu...
General Check archive.org Show headers Download Go to Full URL https://ws-ph.ecosweb.com.br/rest/showCase/v10?page=home&position=2 Protocol HTTP/1.1 Server 177.101.99.63 União da Vitória, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers anonymous,authorization Origin https://www.posthaus.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Server Apache-Coyote/1.1 Access-Control-Allow-Origin https://www.posthaus.com.br Access-Control-Allow-Credentials true Access-Control-Max-Age 10 Access-Control-Allow-Methods GET Access-Control-Allow-Headers referer,amp-access-control-allow-source-origin,origin,amp-same-origin,save-data,x-forwarded-for,login,access-control-request-method,accept,access-control-allow-origin,authorization,x-requested-with,access-control-request-headers,anonymous,content-type,user-agent Content-Length 0 Date Tue, 18 May 2021 01:28:20 GMT Access-Control-Expose-Headers Access-Control-Expose-Headers,AMP-Access-Control-Allow-Source-Origin,Access-Control-Allow-Origin
OPTIONS		v10 ws-ph.ecosweb.com.br/rest/showCase/lastViewed/ Frame	0 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 91 B	23ms 17ms	XHR text/plain	2a00:1450:400c:c0a::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1640709-1&cid=882156496.1621301283&jid=704855244&gjid=1579597088&_gid=1468657763.1621301283&_u=aGBAAEISQAAAAC~&z=1170532451 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 18 May 2021 01:28:03 GMT content-type text/plain access-control-allow-origin https://www.posthaus.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/	3 KB 1 KB	33ms 32ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/?random=1621301283781&cv=9&fst=1621301283781&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&tiba=Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 19ecb0d96dc71688f275285370add5b09fbc7ab4442e8f34f2835e6f17f588dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:03 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1210 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	0_0_100186805_1_1600.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/	93 KB 93 KB	85ms 80ms	Image image/jpeg	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100186805_1_1600.jpg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash f86fb21ade6efcdeef3195cfa2e4b19b07b128f297a4fd90a22a0ea4b248b213 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT via AX-CACHE-4.1:113 last-modified Fri, 14 May 2021 18:02:52 GMT server Apache age 1253 servidor Loghaus S-Cache-BNU-CDN01 vary User-Agent content-type image/jpeg cache-control max-age=43200 accept-ranges bytes content-length 94803 expires Tue, 18 May 2021 13:28:03 GMT
GET H2	200	0_0_100186805_2_1600.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/	91 KB 91 KB	125ms 120ms	Image image/jpeg	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100186805_2_1600.jpg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 91410d0b56797402ce267f3998b86b19871c1d1acf8f58cfa2bef78e16a948ca Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT via AX-CACHE-4.1:113 last-modified Fri, 14 May 2021 18:02:54 GMT server Apache age 1253 etag "16c76-5c24e0d954fea" vary User-Agent content-type image/jpeg cache-control max-age=43200 accept-ranges bytes content-length 93302 servidor Loghaus S-Cache-BNU-CDN02 expires Tue, 18 May 2021 13:28:03 GMT
GET H2	200	0_0_100186805_3_1600.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/	75 KB 75 KB	150ms 145ms	Image image/jpeg	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100186805_3_1600.jpg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash c331cd4cfac8db20b7695782581ebb0c19c40207ae3ebf3684331c14da79cb8e Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT via AX-CACHE-4.1:113 last-modified Fri, 14 May 2021 18:02:55 GMT server Apache age 1253 etag "12b22-5c24e0da958d6" vary User-Agent content-type image/jpeg cache-control max-age=43200 accept-ranges bytes content-length 76578 servidor Loghaus S-Cache-BNU-CDN02 expires Tue, 18 May 2021 13:28:03 GMT
GET H2	200	img-frete-gratis.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/	6 KB 6 KB	157ms 153ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-frete-gratis.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 84affaaa12618c4c6301ebac4273d52f9aa3341ca6079187ac890587ba804c76 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT via AX-CACHE-4.1:113 last-modified Tue, 26 May 2020 16:45:22 GMT server Apache age 0 etag "174a-5a68fd247ac80" vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 5962 servidor Loghaus S-Cache-BNU-CDN02 expires Wed, 19 May 2021 01:28:03 GMT
GET H2	200	img-troca-gratis.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/	5 KB 5 KB	163ms 159ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-troca-gratis.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 6e488ad6c6b6afcaf4a252740b31d099a4b316c887566d61b3bd096fb066ab2a Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT via AX-CACHE-4.1:113 last-modified Tue, 26 May 2020 16:45:22 GMT server Apache age 0 servidor Loghaus S-Cache-BNU-CDN01 vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 5141 expires Wed, 19 May 2021 01:28:03 GMT
GET H2	200	img-payment.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/	5 KB 6 KB	123ms 122ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-payment.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 8bd899fbb79026f90cc487cf6207cf11f5b2944ed6b42f450a1465348b5ca6f9 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT via AX-CACHE-4.1:113 last-modified Tue, 26 May 2020 16:45:22 GMT server Apache age 0 servidor Loghaus S-Cache-BNU-CDN01 vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 5471 expires Wed, 19 May 2021 01:28:03 GMT
GET H2	200	img-magazine.png ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/	4 KB 4 KB	124ms 123ms	Image image/png	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-magazine.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 94ecdbf0822a4777b7b7f1fc01dde4afa059148f084f897870fadf09950f04fa Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT via AX-CACHE-4.1:113 last-modified Tue, 26 May 2020 13:45:52 GMT server Apache age 0 servidor Loghaus S-Cache-BNU-CDN01 vary User-Agent content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 3915 expires Wed, 19 May 2021 01:28:03 GMT
GET H3-29	200	/ www.google.com/pagead/1p-user-list/1048808556/	42 B 69 B	22ms 20ms	Image image/gif	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/1048808556/?random=1621301283379&cv=9&fst=1621299600000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&tiba=Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3427280321&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ www.google.de/pagead/1p-user-list/1048808556/	42 B 64 B	27ms 24ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/1048808556/?random=1621301283379&cv=9&fst=1621299600000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&tiba=Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3427280321&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ga-audiences www.google.com/ads/	42 B 68 B	18ms 17ms	Image image/gif	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1640709-1&cid=882156496.1621301283&jid=704855244&_u=aGBAAEISQAAAAC~&z=1951318750 Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ga-audiences www.google.de/ads/	42 B 63 B	18ms 17ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1640709-1&cid=882156496.1621301283&jid=704855244&_u=aGBAAEISQAAAAC~&z=1951318750 Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	event Show response widget.us.criteo.com/ Redirect Chain https://sslwidget.criteo.com/event?a=4764&v=5.6.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=posthaus.com.br&dtycbr=94095 https://widget.us.criteo.com/event?a=4764&v=5.6.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=posthaus.com.br&dtycbr=94095	1 KB 1 KB	1477ms 162ms	Script application/x-javascript	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://widget.us.criteo.com/event?a=4764&v=5.6.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=posthaus.com.br&dtycbr=94095 Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c76d4254878dd5338c88a7deab42022fc42371a5fdee3053168b2e5f87642e57 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT content-encoding gzip server Microsoft-IIS/10.0 timing-allow-origin * x-powered-by ASP.NET vary Accept-Encoding p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 30757 content-type application/x-javascript content-length 862 expires 0 Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:03 GMT server Microsoft-IIS/10.0 location https://widget.us.criteo.com/event?a=4764&v=5.6.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=posthaus.com.br&dtycbr=94095 cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 2913 timing-allow-origin * content-length 0 expires 0
GET H2	200	syncframe Show response gum.criteo.com/ Frame CDEB	0 193 B	85ms 26ms	Document text/html	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=www.posthaus.com.br&origin=onetag Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/ld.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority gum.criteo.com :scheme https :path /syncframe?topUrl=www.posthaus.com.br&origin=onetag pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.posthaus.com.br/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.posthaus.com.br/ Response headers cache-control private, max-age=0 content-type text/html; charset=utf-8 strict-transport-security max-age=31536000 cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 3557 date Tue, 18 May 2021 01:28:03 GMT content-length 0
GET H3-29	200	/ www.google.com/pagead/1p-user-list/1048808556/	42 B 69 B	21ms 19ms	Image image/gif	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/1048808556/?random=1621301283781&cv=9&fst=1621299600000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&tiba=Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3932672055&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ www.google.de/pagead/1p-user-list/1048808556/	42 B 64 B	25ms 24ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/1048808556/?random=1621301283781&cv=9&fst=1621299600000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&tiba=Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3932672055&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 213 B	14ms 14ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1464688870412041&ev=Microdata&dl=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&rl=&if=false&ts=1621301283964&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20mais!%20%22%2C%22meta%3Adescription%22%3A%22Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20muito%20mais.%20Diversas%20op%C3%A7%C3%B5es%20pra%20voc%C3%AA%20escolher.%20Aproveite!%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20mais!%22%2C%22og%3Aurl%22%3A%22%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.2.1621301283956.694712959&it=1621301283161&coo=false&es=automatic&tm=3&exp=l1&rqm=GET Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:03 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 18 May 2021 01:28:03 GMT
GET H2	200	0_0_100186809_1_1_880.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/	46 KB 46 KB	63ms 60ms	Image image/jpeg	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100186809_1_1_880.jpg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 4d8c5d0d35635ca9286445576ce6e6b0f4b4fdaa9877b4ab5a78c0e5e22b899f Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:04 GMT via AX-CACHE-4.1:113 last-modified Fri, 14 May 2021 18:02:31 GMT server Apache age 0 servidor Loghaus S-Cache-BNU-CDN01 vary User-Agent content-type image/jpeg cache-control max-age=43200 accept-ranges bytes content-length 46664 expires Tue, 18 May 2021 13:28:04 GMT
GET H2	200	0_0_100186809_1_2_880.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/	69 KB 69 KB	68ms 65ms	Image image/jpeg	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100186809_1_2_880.jpg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 4fe1064b200909f73a38aa2a4c31ef5f7faa5f4d5549cc2f4a02c2e3bfaeec4f Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:04 GMT via AX-CACHE-4.1:113 last-modified Fri, 14 May 2021 18:02:32 GMT server Apache age 0 servidor Loghaus S-Cache-BNU-CDN01 vary User-Agent content-type image/jpeg cache-control max-age=43200 accept-ranges bytes content-length 70355 expires Tue, 18 May 2021 13:28:04 GMT
GET H2	200	logoLareLazer.svg ph-cdn3.ecosweb.com.br/imagens01/	4 KB 2 KB	61ms 59ms	Image image/svg+xml	194.126.175.195 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph-cdn3.ecosweb.com.br/imagens01/logoLareLazer.svg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US), Reverse DNS 194-126-175-195.static.hvvc.us Software Apache / Resource Hash 17bcc3658ee656d1a46a696a42e7b40c5b31b36057cf2726bdb1cf8aa90c2db3 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:04 GMT content-encoding gzip last-modified Thu, 18 Jun 2020 14:14:06 GMT server Apache etag "1132-5a85c63b5a1fa-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent content-type image/svg+xml cache-control max-age=43200 accept-ranges bytes content-length 1521 expires Tue, 18 May 2021 13:28:04 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	62 KB 21 KB	67ms 66ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 0dfee8dfa9bb417e64c0b9c3249ef610aced7a9a0d8b81888c79a22780316d0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:04 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "875 / 23 of 1000 / last-modified: 1621289344" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21345 x-xss-protection 0 expires Tue, 18 May 2021 01:28:04 GMT
GET H3-29	200	pubads_impl_2021051301.js Show response securepubads.g.doubleclick.net/gpt/	306 KB 108 KB	60ms 59ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:04 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 13 May 2021 08:39:52 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 110161 x-xss-protection 0 expires Tue, 18 May 2021 01:28:04 GMT
GET H3-29	200	config_2_5__24.json Show response securepubads.g.doubleclick.net/pagead/managed/js/	2 KB 724 B	152ms 89ms	XHR application/json	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/config_2_5__24.json?domain=www.posthaus.com.br Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 2ad0fe009b4e278bb28a800aab0b3c420a783b400fc57c869d15452012bc583a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 697 x-xss-protection 0 server cafe etag 6332091875858825310 vary Accept-Encoding, Origin content-type application/json; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 18 May 2021 01:28:04 GMT
GET H/1.1	200 OK	/ Show response df.pmweb.com.br/push/	2 B 511 B	1039ms 250ms	XHR text/plain	54.207.91.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://df.pmweb.com.br/push/?aid=PM-NW3T6C&cid=714641621301284083&sid=657678132826961621&pvw=7d164cee-70a2-4e95-acb7-9f536908b4d0&v=1.18.0&rs=1600x1200&tt=Posthaus%2C%20Moda%20Feminina%2C%20Blusas%2C%20Vestidos%20e%20mais!&ws=1600x1200&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&url=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&us=ZANOX&um=AFILIADOSEXTERNOS&uc=LINKTEXTO Requested by Host: cdn.pmweb.com.br URL: https://cdn.pmweb.com.br/df/tag.js?id=PM-NW3T6C Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.207.91.207 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-207-91-207.sa-east-1.compute.amazonaws.com Software nginx / Resource Hash 54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 18 May 2021 01:28:05 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubdomains; preload Content-Type text/plain Access-Control-Allow-Origin https://www.posthaus.com.br Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Expires 0
GET H2	200	integrator.js Show response adservice.google.co.uk/adsid/	107 B 799 B	49ms 19ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.co.uk/adsid/integrator.js?domain=www.posthaus.com.br Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 18 May 2021 01:28:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	18ms 18ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.posthaus.com.br Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 18 May 2021 01:28:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	44 KB 18 KB	342ms 342ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3354610005030450&correlator=1428647079790941&output=ldjh&impl=fifs&eid=31061176&vrg=2021051301&ptt=17&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=70779096%2Chomedesktop728x90%2Chomedesktop300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2&prev_iu_szs=728x90%2C250x250%7C300x250%2C250x250%7C300x250%2C250x250%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1621301284&dt=1621301284731&dlt=1621301277758&idt=6587&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C409%2C675%2C941&adys=3294%2C3306%2C3306%2C3306&adks=1387136263%2C676727686%2C676727687%2C676727684&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x8%7C1600x16%7C1600x16%7C1600x16&msz=728x0%7C250x0%7C250x0%7C250x0&ga_vid=882156496.1621301283&ga_sid=1621301285&ga_hid=979965106&ga_fc=false&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&btvi=1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 75b064e84701c7c94124613837f471faae666e62e82045fba39799fbd7f4b42b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17973 x-xss-protection 0 google-lineitem-id -2,-1,-1,-1 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.posthaus.com.br cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/	0 0	51ms 13ms	Other text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-38/html/	0 0	12ms 11ms	Other text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	container.html Show response fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6AC0	6 KB 3 KB	21ms 7ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.posthaus.com.br/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.posthaus.com.br/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Tue, 18 May 2021 01:28:04 GMT expires Wed, 18 May 2022 01:28:04 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 27 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621251140663589" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27994 x-xss-protection 0 expires Tue, 18 May 2021 01:28:05 GMT
GET H3-29	200	container.html Show response fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4ADB	6 KB 3 KB	10ms 10ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.posthaus.com.br/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.posthaus.com.br/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Tue, 18 May 2021 01:28:04 GMT expires Wed, 18 May 2022 01:28:04 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	container.html Show response fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0688	6 KB 3 KB	7ms 7ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.posthaus.com.br/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.posthaus.com.br/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Tue, 18 May 2021 01:28:04 GMT expires Wed, 18 May 2022 01:28:04 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 11DA	624 B 297 B	35ms 20ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYzqmJkgEwAQ&v=APEucNW-z__4NEMkCI_NHV4ThLp6w_p-j48sCCB3qrAUH8P24AhdP1RjxhlJxPrZHnIVQouMtcYlLbl1vp1kkI9dLw7r-rI_gtsixoRIMZT31ey2ji-iCIxmsC6GDTasDPmd5vgeZt-J7onRBQKZDwFqmsDWUz-Wp-bW8Za86oAUDushN-1vV00eJ5yZvSrrJOjco4kfLqDdfRCRMdCg4bQ7Tvxq5XR_vg Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CICfxAEQifXSkAIYzqmJkgEwAQ&v=APEucNW-z__4NEMkCI_NHV4ThLp6w_p-j48sCCB3qrAUH8P24AhdP1RjxhlJxPrZHnIVQouMtcYlLbl1vp1kkI9dLw7r-rI_gtsixoRIMZT31ey2ji-iCIxmsC6GDTasDPmd5vgeZt-J7onRBQKZDwFqmsDWUz-Wp-bW8Za86oAUDushN-1vV00eJ5yZvSrrJOjco4kfLqDdfRCRMdCg4bQ7Tvxq5XR_vg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlyEByf3bZpHo7PuTou6-rqECrT6efpSiuoC_n2tMUM-jGjAzmGrqaXlJkr Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 18 May 2021 01:28:05 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 6AC0	57 KB 23 KB	53ms 53ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dzym_-dPobeIbSPV70LMuC_BmYlUpCR5A2e6mSqyDxkEY5T9zNZb2r5GDVNaZi3-BR3tiAh82lYO-v4EAfVdx0kLlM0sPicxTkWumzg4DEgcQ-6EAbQu6a0ZUDjKu0xF_b4g25wjdGBNSorqeTH4gk1kJwJQ&dbm_d=AKAmf-AamC3OlGM7wQa7i-ncwYDcxqzmStFuBAjBo905Ov9wy88gacqmk8ygozgGTfW6bBWWGEPDNkjHah8rlJgKAwzjL3PguzINvYcpp2MXWiD9fteoUEWS4tmjV-3RLZdWo8roZaG5A8RkMFZxSr1MXxlqZGERH33G_2tGuuZk_EK1XB02QfGgtIpr9pbqjcRWdvJ2ZruQ63UXJL2kwy8UxIFbo2DlsQvR7Z8ZwRr0V7uxS25dHvfJV0rZWzl_Apzln4QCPgiOuY9FC9KpTY7iyiTgJBzDnjZCo3AT3F_7XO0_UwJhfM9KdmpjPbyVIEeLvhggslfDdN9FuVmiKBPk1GgLV8ddNUqVmSxSV-lpjtY48Z_mimqRdCK7yB2F5qg6zqG1JxZwrozhrqHI2DEtodxV6s-e0KvHoe5Vl3YPtb6B2sR8d397i5hHSdK2FvINyXe82uIZDA00sw94_Y6h7QFSdhElc3ltRU2_rubgkXt-gd1U-nZikb7qFWd8bMsgZb9rJVsh_ISXFF-sflkPG4Cr4R5X0MeES1VLlHpGFs4pldpiEi5IJsP0RqKTh48M9NkQdBe7mqr_nRBHtqdMbSAtQ1JHFv2P_3iWHSrvF7-Vtd_zxWv-CFRURveCJfE4tMYPzrCvOcR1zXglkmqKnpHS97Mq0-xifJxL18zywLLYDGtO32pqXlsayw1q4WvDLEgOgvAjmkJOr1mMX72Ls5_JosP58wJ5MoScUlGD260Sg17OUo_cdZh96hEl8sGyP0Mbimd4h_l_VAOXcsgSBU8UB3arHi8mXKkRJqtrIhJsdiq2VmMC5skF9qcwyaJZ_YRhybRP-qG2IBBwUrIeBAxHjC3GlIQf3kSKdBEvVMRTuUccOGk6a0w5YMp15ELhDaAxTUPWk-r2feXLaXuty-skWN4wSg3yBqD_EXF1UYIXhcatrpTOJtci0wPkc76V9gZdJvrPRP1aoPIEKhDQ5sAklQf9Pj_Tl55-EKqkQTT-J0LT3Y42QHfqiDNsKP-zsxo8Rc1tb92evF5LxdrxwYvf8CxXsYo7sIIMCm95r_AlkTq2JWmWGA32sfsyr-HLVVmdhssZDdqY-jdt24mdQsZGKczo3ZB_AI-tkJYbZRcok1JmOUSHLts9yAOHCQqkNzW6rHYRTYATDkVDhGWbwBSZdX3pw9AaQxP_qCuFUJgbc39bXJ5-s2ndiZDliAQkso77UEj07R-lS9zhvP_LuPvwYd6kxSbS6vIGNo4BjZRZiCb1nxTbTxy-99BjS-2rHwFZ3g8HifyXJA7CFceMPUWYwPgdRCxG_8zrYvUx4-MKdATtvjLPzGhfCZBwuYaa9UfsgVSghw49CTBJUsbi8Qfbufppu5S1x5MIbhjkDUvksFcsnIlQ2PcXT3643xbxVSiuz-xKi7FYDAAgXmoglflZ05BKYa2hzWT3uCDV3hx-rO2PrPJ4WKeV-E7PwpRlkSU-KEhsGyEDCoUsyuDQ1-6Nirmp0In8reVRgt4fU2TQWCYenOaZqDMaMkbHtTsUqirfjOcT2bmJCQjjgt2Q3M8Mavz8AIdyOtb1wLl8wEmiUM4O3b2Y3jFktxqngHspajMc60_91QARG0fGL5fK3Y6RkB4XffX6v16iQ0DvoBf64Ojr9Xw43OllyhCuz4gQ8grQ4glK6dnYCZZ-k6PyUku2nN3zyJLVUaDZgDOf-9E-IJBHBJ42May_VOu5nV4bRZZPXLp5yV6eOWrluILXi6zoUtcYhE544NcxMpowp7ZhCNQk82LvcxHnytY_vuOPcXaovotI0XK-7TCMQ5uNhNqIeHjRA0H4MaZ3lwu_gPnavIWlhRQy51qRfDihCULawKXCtd0hG_GxalAP33M6WGhsn7BY-56Y6P1NwEIe2JRzlzJ3WyHyceqGRSudx309VbfRzX0gIpXtQ3JdodcNylH2tHwrxwgS-1im2L68pqcU7glKWoeWj01HiJsWzT7-Qp0gJmaIc1hkznUfs_RwuCdVAfJ0B2mtkL_X1WF8_q26y3Uh0HcdhRMMVJTYJZumtRDa29oD9YXFofdjkPDMIf2J-noPKHPnifA-RoxiWolWysSOfwFy9C5udgH4Io1nhk4NoF-NibgDtyoFmthskOhZ8jn8ICBDCq0vu-RqXH2SXXbFqLmBotvolxDjNsRP4fDEYjXmoWT0G1VJSETEW3HqDmffrRoiQjmvxR1vwHsfw92GRxv9OKwfz4c_9-D4aYTF3D3XLjJdEpjmexXV1wML_ulF8DkCADEWt3o1IPF5z7vtRXdILV6DNoJ4frzjgA9UO0Nu4qr8ShGD0YgQmYAWpe2EA-UyylW13oMu1KQrZhbsftk31GNKo2zP4lSd5jnGjMpm4YTU0y6uF-c4kmEpoQVtG3G5jno80sD8GO-JN26uMo9KDlQIKhZhtWRXflRI3SacTl8kqf0dsqM0zxiF_AdFTYFo_cfl-w53DMpBIVrRvDMCxo5Uk76860haEERGxpRcNBj6fdOVMrYgv6ro-qju9jznQZEda4BiKZm4NAHkXixymRc321_83-fT6UNmbcTRHhPXvXdx17nkXQaardVxrIJ9gBe9SMdHSWr8Xm5bubPd4YKQ3vBcWnPnzZmN_EVNkUrvY3-8Q1o9W5Ua3k19LZjMdbXIuAQc6-l-cgvz81YgZt0o0j4QYpnNZ-DsjN5JXo7PaXdk167KBqpi4lXnHg7cIRQbbfibs4oFg3iN6Wde_0ME3yoTvqJE5pJZKYzJj2PpdTr6BcIZj5O2m07cVQQ6tCDpns6u81bzSKB559KpOWUam3UdAet5PyefloWgF1voVfgb1J9v4ys92aK4-nU3Musv8aPfC31ESDXd_rtYf6lBO6o84LjpbKrcba_1sYGL2vRQUvaj9y9wi0SDcEiSVjgykOvGPa4vx8OSlxFVsQR0Xza7xadqQA3sOm8QssyvaIL7UauTLASVvSCMUGGgyMf0QuUVSKC11q0mfqYXQTbNdfgEV9BRwLiidDWGzENA_Y-y5QskK6ZDayUp62iXcXtos_U89ITLyqxqnJrDHRj5znfhgz8GxA-xyQCSKCt_NzSqkHOAfEzfV05K9eBp5NzQlH2f31--qlcYXRiFWAGG5Hyp8ERV2gq2i8Q9qovSQXVnPrlFOd9nWgzMPA&cid=CAASEuRoxZn9FFqLLwNn3VQFrBiewQ&rfl=1%2Chttps%253A%252F%252Fwww.posthaus.com.br%252F%240 Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a3bb04c967e3f2e056f42fa2cf258bb7a33e33eb44741c6b73e3421341c3388 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23563 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6AC0	42 B 173 B	77ms 43ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CGl-ZQI0a8zNXcTOPKXV4E0l7LhYsiUpq31ybYtDzxwuk8-YFs5oZXLkOjaH666ugVPAnXE_vO8OVDlVrH8i5Za-RHsZs7aE9gGA7ONtnRN7Oxc1c Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 6AC0	2 KB 1 KB	51ms 23ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:25:17 GMT content-encoding gzip x-content-type-options nosniff age 168 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 01:25:17 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6AC0	118 KB 36 KB	54ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621251134821955" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36689 x-xss-protection 0 expires Tue, 18 May 2021 01:28:05 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 6AC0	13 KB 6 KB	45ms 22ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 00:26:53 GMT content-encoding gzip x-content-type-options nosniff age 3672 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 00:26:53 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 6C87	640 B 316 B	56ms 52ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYqrKJkgEwAQ&v=APEucNXld7YVinc7k-BxXn0ir4Yw2pt-oM6HGRO0JcV-Say7PRGNur-64KaMOFWl4O0Xcf6OD0Bi3IB0teW2zLubK2Gky5TRsxIT4aNax9q2yaFtOFCFqt41c1DnElXLDxKqAGZcdgb4--EXQYv14JnOTGYpJ6JExg4lYvAcaZMt80OCFa4I9RF2vch44bhKYTiIucdku-GShIB8FVvSf-UeVup54RLyeg Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CICfxAEQifXSkAIYqrKJkgEwAQ&v=APEucNXld7YVinc7k-BxXn0ir4Yw2pt-oM6HGRO0JcV-Say7PRGNur-64KaMOFWl4O0Xcf6OD0Bi3IB0teW2zLubK2Gky5TRsxIT4aNax9q2yaFtOFCFqt41c1DnElXLDxKqAGZcdgb4--EXQYv14JnOTGYpJ6JExg4lYvAcaZMt80OCFa4I9RF2vch44bhKYTiIucdku-GShIB8FVvSf-UeVup54RLyeg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlyEByf3bZpHo7PuTou6-rqECrT6efpSiuoC_n2tMUM-jGjAzmGrqaXlJkr Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 18 May 2021 01:28:05 GMT server cafe cache-control private content-length 295 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 4ADB	56 KB 23 KB	51ms 46ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CK_AJY7MJ09BSPHprhq5sp1pU4eKbbD_FHg5Lki0bFgiJpTOaJoLdOs0mjWKI2pc-947rtVDQ9wWXONhKogXcusNsxAfj6qbz0f3zdUuQ7Ld-m70s2FtBA8DNmI7RUJPI1vpxTCvNBLMtEF-WJTlfcEZuHqQ&dbm_d=AKAmf-CS6T1DpWwPMVFsCUf1FrbaqqC1bwhIXi7vSOjQpXvJ8D_Uv0kBP3ZC6kxKvAU-Xyq_VK-KwNgrpNxs2K4ZNg1YWJmBaLyCJTXe7JBijtlMhO5V-py8fHLYzqg6zspZJ5iGnNbbGdKBNI6aOyxLm0s-Rep1Iff6FXBfVdxLfxsga_Zj6YfvaysHO2eRNB6tSupPUKZ7ZC1Jh6B2PZ8sCKvLXugjUrXAwd8Qi6BBwlmvqUKmmyFOoaSiZB7gQSYaRoo1TzHiWXRl1DZ1o93GUWWI8aJLSicex0ILqTIgkpzGcNRMr71bGuaPsbV3vzCUSy4YVCQrUKSUkIWej9om1q0SwTuQ0J83LMIsEDwvMg9u-xDuHsYlGNIyPHYmnDI-nAymJ_P1c-ZnV37aULha2Wulzqnfwo-oOy3C1LCf5kiBqEfKXhAJEMEID0Zl9EiZ9Cp2xa1Rgwfg4_s1qd2wnQDAPNRJj-0GhOjB0ze_7SFxr6k9dG1muGYGQbGUDk1x9jz2nF91BfaE6yLSdcxEBImAk-srTwvxih7WBefaRcg-Ca1SR48hDOixpN5niSb-uk3MT5tJFKdF1bxmUzVWEGhPxKmmS51LXXq-6_Nak9rrrx0A9RXtwjiT5m2odxHbtIPuPOtlGouz8PE7SZYTPMLEO5wPLsXawvRz06H7m8oS58eVtHJBRqJw38zAtY_r-8EaGeUgVG9YKHg3-3iwuGXuZoTH09ewhYPqdgULvf2YsFp8Sq403qbn4Y9XOuu0untgkm6wfHKVSjWJ971a9QpBCrBzpRSMmj5ED6qRE1IygV22ZcGVqiERkRZIDjoL_bg1iRQYjxtndkFuppDqmV0KcErstIhEE1GHltHDnTTlEMVlRYKkCwi5ZwmmeMeIefm67zKXMmeKK_IzdW1VK9mvFxEQ2Ban9frIzeGMPj_28617VPqnhj9lHiWEVn3loWqZ9EytVR6guloYYgVnZwPa7tBtzjs0u5TsTnkbLyl7x0-L0Avsyu4jE9kCxLSK37aNpWGqCiVkn8RmxRyR4yiLYOLyTb3mczfeYD0SjFOTSVRZgpAkA1ZTf_oXJOlMW6P6dhIkgnCmIVUM_u6Mi55XLAmT73wMaW1YvAsMF6K7c9GDGgxnm5D3S9vNirhl1iBH-F5loEx0sTpgb5qnECNzxY1Dtccjt2ir4O8Z3lxl0vyZMU3UYmjx6QIbLIqaZv4JbN9JATAsUaTOX3NV77lVSpIusm3ermV-Eu6GMOoj9GI1DApqzO7NUPvroPFO53i49WK3NJlj3pI-fEEhXr2zZdq5rDenFF8Mm08tE1HpW4J1qmRh_U1_AEbwI9dwwQt4OVrEpxSr9sXng82ZKfIHlkh_KF_4KHMdb6hlM3mOVMYZ-REQ9xjPfJqlEoh1Qt94Hwva315lXG4QpYMkYGcy7KrYH_e2n6TwrNtYclbwXSy9NLjd6UhW_6WJPUbT64_Ht9qyOfftxpfNsH_k8SqoD51HEjQtYC2kmOosnEgPcvkXlEgcNuFv16fvPlpx-axDXAKe_T2e45joiJh6MOFOu6RJfsBKyUJJZ5Cx5v_MT5KT8L19Xs1eB93qpHXMvW6KVKaDcRvrDIVReJOTthpei27tvXtqHax69qm6Y7YLLFVPqrNIupjUEY4q01q6g_GGAk_fgLDyjJOVSfxccFSgNhxtx3A9cHUpoMS7k4IeAYi1-7ynHFRbKutHuSbwqmYxK-luLqAbLfbCliyrurw6scAwX4JJqrWZJOC8r0W0Cgc-hiIUfkDORYzkdABSSxsAYlFCwvezh_hI4ZYqlirwfgdg7QzsjMIhCMIE1ekBpUtjRn_ahwWvJTnMcStbca8TM5gllMmhiWdvE627c51-HreE8DdWyOALefHgJ0TXCTXMvfKOKI2bS71bCvVA8-FVtm2JN23Zy0p7bboqbUERbq2Ef_QPg5MKzh6r3M3Su8GzHo8DQ2mowYPpkhBNTCR9JmzzCt4hoN8uP6SPM3ILEjAlODb1hLgvnjltZWf_1TQ8UJmo97FbEGHbb6Ounb9rCW0O4gvJd4jrLbEXqFpC5peV4PIUBtiZOWEX7SOvPMoZWAULxKnSA7yDjZ0t_SGwWBkFGKGROFIAbXhd9Yy_QgnlSwhz1UbbxKM1tYUdSssR94AFDBtxcGqDMv2n1tonXcdmW1O8D5Me5yJqGwV90heD-TKDICSEI09Zbq23MUa-k4aEqo1-1j4hOoE223msdOUkfV3X6G0Dm9SIwNft9Vr75OTDcPL7NP8M1HQytm3cK1Yp97JU_RCLbyyoo6ll9S0e7f16jU24HA86CpBC2VozB6SlaxoY7id10rX4c8Lg8vpYkJV_Ndb4SJOUDp94oNcBue32igMrUCx43zTLyKmN84lh_GphrJNNGKmmE5pnZbdUGVyYN9WtKnlwELFcNegbxHUB9AbybUzrGeZW_idE2VF_nOsfqbAu8Wfl3IV3BXLix5yNn-C52eHyrzqtvZNsi70Was6JPYXcemJCAaxuAQeuFo8dNkBOiILUn5KZAkI_zT93PFbbWTvaB3sWbV8z5lxtdvBZyc3yZtowKUccqGNYbmdRYssDpkfjDciXNdTJpetBGGNRkzbBA33N91HlJpsTF6WXLYgBsyfvZTfFtOa5rhU_z-VTXBWafF3hlbC6t3ZVvV9WVsZtVBRN3yAz-gMYPAvEuh4h-AIVMKhuROPdDhafrr1RrxUjr5ol9EFxjgrUK9Y9RzLUHFdz-y4h42-d_1U9oSD-xIvpsyNL7pxJEkSto3TFJHXw9n3I2dH-gCPG5w3tTfk1oYs9uRwOnWifyb2RFFyZknyYdz67tXA3LqRP1xmmb1QhSMdgoVtYCkjDIsT29JlIIQQ6z5L1BEO8O8UBTxqQipegDSB04DUM8si_zBZuHLjwvup6-LwVsmTT8-eGeLLPJU0xFcni5efR_NCeRY4m2EvxMmZc1HsYQxpOSrGfTJfVX02x6WqdX2WQtVzaFxcW7btP66bpW4Scm8cgag8KKcoNEETLYvZi9QXdeKxyo54-taSBOxfCr1E-i2it1O5FYO0IlbN9TcmFlht0mU2F5vAH0DvSRWdmKZVyKmKSLVLOHRo82ZUQceowSQ9g7iVyTorYWcUhc_6kwpB08seCqbd2iHZVig&cid=CAASEuRojc5w1WeNZAcMd_DvlT57EA&rfl=1%2Chttps%253A%252F%252Fwww.posthaus.com.br%252F%240 Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7069ae18c23b49be0364ee9e25306da392b85d934ce45fbd95baab9e66a8cbc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23559 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4ADB	42 B 107 B	90ms 67ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWyAvDutdWZM7GgY8GnjbFV0cifOc8751aI-v9Yh8LJvq1Tj-eYGzDP5GGuzmqxeR9-cN6KC-GX6YJ4sIG3XynG8rvE5rjWffh_4gVT_ZqMsV8qyU Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 4ADB	2 KB 1 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:25:17 GMT content-encoding gzip x-content-type-options nosniff age 168 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 01:25:17 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4ADB	118 KB 36 KB	22ms 17ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621251134821955" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36689 x-xss-protection 0 expires Tue, 18 May 2021 01:28:05 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 4ADB	13 KB 6 KB	20ms 8ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 00:26:53 GMT content-encoding gzip x-content-type-options nosniff age 3672 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 00:26:53 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 73D3	482 B 274 B	63ms 48ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYyuyblwEwAQ&v=APEucNUqJ_AEXLeInCfLaQ2LS5HYB0DN6us6DnYb-8s5y-dCnd9SiI10YeSpJsW14_pOefSWQR1lwsBynntHnmwGb3wPwYSvr4sKz6ApIjKK3sG4G0-DcFsB4gJFwtayT6YNAKPCn1vflhpGVRRfppFQzPY-VoFcfSAJyo2v51I6SO-kjtdmNtbKJA4ffl2wLqJEfSv-K5b3Sq2DUQptYjKchu-ObmGM3Q Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CICfxAEQifXSkAIYyuyblwEwAQ&v=APEucNUqJ_AEXLeInCfLaQ2LS5HYB0DN6us6DnYb-8s5y-dCnd9SiI10YeSpJsW14_pOefSWQR1lwsBynntHnmwGb3wPwYSvr4sKz6ApIjKK3sG4G0-DcFsB4gJFwtayT6YNAKPCn1vflhpGVRRfppFQzPY-VoFcfSAJyo2v51I6SO-kjtdmNtbKJA4ffl2wLqJEfSv-K5b3Sq2DUQptYjKchu-ObmGM3Q pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlyEByf3bZpHo7PuTou6-rqECrT6efpSiuoC_n2tMUM-jGjAzmGrqaXlJkr Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 18 May 2021 01:28:05 GMT server cafe cache-control private content-length 253 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 0688	57 KB 23 KB	80ms 59ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRd1ToWT4KutZX6y9_LkFK9BZ8dt1hbmsTXdOrWaxRiFkmRPPxX7csv0wwExnqsJC6SdrzbdNOzvDU6Ex20zZo7zRra8A70i9b3h-_s8y-_VwznMNQOgQMNZAq1PnP_rH1OTCMuiwVPejYDVKlSoncVuiuyw&dbm_d=AKAmf-C3O3XCRzrK1Ta1CzwRoenFjYKWRcP9_rSAvVaj-vSaQ0CenIFtq-wtBQ_RisMJ00KxAb0pFGm3BZgrm1_WhGHw8JHI8CPY2pGt-2icWWHeWYVjXDI_CPxkbvNjL3N_-920bnTXdPT846gw2DzLQN3n3lBA-Gg3MARhafsh-CVslQ2PAwwKF6mFy50Dx1x_3SzZCXRVHBtMBMvoF8xc6ZetMdODA4Zs62IOKB7fRheslvP63gBKxxghbsexsnhLe9T_uUrUwjjWUeIJlcNu7CsUT8EDxcYQMJBOgmmftZHiT0tP6Z0tzIDUuVcSOo3jB921jcLxZMnihYaCG3wRw-ola4vI0s2m15kZ21dHINBhZdueMbSdS-9FIlPva_TnJtmDACcBJYcSqbkWTRVYgK_38Oaa2sD_9kwA7sUfj1qx33UmAk3K5_MVkVYh4ZPaL79ngFziN2W8cnb5ZrQRNRP3XtAYsPAunHIBdPCmkYfDWt5WCuO4iF7_wq67_iY8RsTQz5PYinxGDVieOSwHHBn_eEK8zgdiJGt4g87nUpOoNNDAe6kLHgFNvcwREE_FpNfuECGii9i7jVZPxc8lTW_2m_JTliGjXG3M9IM8-SnMd8if2qTWAXjxQmhEZuVCRjZyLWcigx1F4CYBqdIqualuB4OlxNngpiqT1zsjWN4h_GLbzXCWMckfvbvMD1Rxux6LefuvkBDsYA1_-sQsAzOBdlKsjRGSIooj4b7T9HNgz5lhUIuaaThnJocnKsPrh8lHMrEObdVjiJKj5hh8EG2w-gEZiRC_h_dXZPOoVLWTTsIvYEM7vNbsWhv8XU2sRyDCNdb9A1n1Zg_fx8ngJNgRCYQJ-QJTDbHvM7h_G8q_DhbYWnSnWP-BkOYJGh1JqWwR8l6zSkS49jGRQfBe3lAmJr6EqNWDh8s64tfodcYgJ0EIV5XmoqGNiN9jbFFap7LtJRe8Jrh1qvRmV20PRYVmlJcpAmDqBQynsaOTdG6sQnk3XHDKL1jkLLylQRmm7I9xCDNSD1t96oK1mNZf_MTdMuMimr0K9OCsDf13oKYfN7Q0FVQm55PAe65vDPUujxC1Ee1Zi11EF0QOXv3vXgd6zfbqLQj7R5_vZCWaUCF3kF1nNIjN59dGUCV81tizuTHukWgn71n2cDRHOpfkVMoyXFIu446ukjosE-i0qkIA0gzM_PefqyXxBa-OXtIubzzDsuNQjyV8LsXzDjtCw1vmlHtU78rr6f2akGzULhFHIFxV_OZ30UKwdY1hRbNlznmx70-er3rb6lftVOEUUtbT5M465Lkf_zULFjuV9BjHabpGH4cM1jRljHksBRFSPoT9BVLRKl_siJXbZ1mt5vS7nqT9nImB0paUGWbZ1_jxtBIoUj0icfl-m0QWMnI2MS7Ij8xPEdY68b_9jLkvF3dT4Q9vDemnwiUP8XVRHhU5DrHlx-cof5LIGWUWBF2JSaJc-CutC_J17bLg842H1L7mavWpZv7csJMs1H7pXVjKJgYpniWnKtEUYFhsKdHP7cLfQBolrrKh5Jth_kx2G2f_VO9QT2bSqQ9nUShVwA5Dk2lWu_xGo_62fNGUBrhJf46w1Ck8fY0H-VZaJew52p9Q1Shkz355HcOGoOXM-DWAbnOHPwiV2ZzT1o9VSBKaPjSsu_uAADOZmNbPN7S236dS4Fui9QyLfl5kK4o4FZwU2hIZpZiI38Vzgr5os-9hDG05fWNSpG5A7bSpfYBUgJ5yBtQwipAu7Z5twIQ_0_3QbRKl3OW878SrUU7jatGi8TDEZEE6Q50lWKjVIrNsQyreRucZPIJKf2up_gn5vXESThlTPMBp0otCZLVRJuIS8vW7fpezEoEsjeCVVZCIe2sUHlPBTEx4CpSYzKvLWDWfyIxHuApJe5qlictBp6vLJZSpDyV3HEP9RkcBotV0KCJsk62lhR6fMdEUZ-G77uNgsad2_uzitVHu8YKufqib0E4v-OaHEAxgeQkJ_7JPEB5neEDkKTK8ZtF5yLXSWlo4fT6L7gm797nn_bREIOlOHurMrq9YOWXmj3TRXlD2YcmqpzolHoePHf-6FCVGPmCNf5KEub5j_qkP1_jb2HKOAlVgt1ESCxvp0Z3VdKy5msiVN6tSWmglkaHjykGqVHNSdi6zKuKQJA5kki89V5oeuwItDZJ7Bgqe1I019Rs2rBvUk4OhwlPhGTpfFdGKwT0lJQWxB-DuUCv-eqAHbtF183jLW_VnEWvV9s3pedOmPoPlYLHEU9qT0whPww4Cah5jdt9SWI42NZtYHRo5FKQ-v9V4DCcI07YwhDAz-nRtNqd85kP5WGw2SZZMhuyKP41siQtEi5byM1lZffeUnZ1SzARz1RnxXyPxWyPVv8QPPOSV8gak9v50k6ZhIc2eTVwLfy_xQv79oO4xBBPwj-Y71pn6ortesMJOoEz_bPHdJJy_pyOXxpybgdh_dCdbcivbwqCOfAFHRKzi4JMEV9WedNlUdCZkBZzr_ci5OhSdZmonvHGeKcvVVNk73JtgUGWpDnQQGmfhlHAIocPWKykoyQqGa-MqGp7dgcS6Z94FN-1SG6lJ_g5A9twN3Md1-VYPkOj_7_40FCsZ2MkAtFSjZCFu6xmLRK7hUPai1iNcwFndJsY9UiplbRQBBP2Qg53XoJ5unBfkPLA98_UaGqKmFsC6QYYRP_Wzg-1NC7xkeSVeMAoyeHf8fEwReV7avWk3qwd9zQWLdEFm8h0SFAAEu74Y6Mg8wfg6j3nkmzLf9x5EJemH7e6DTjk_Kv9heDfmNaszxzXqVRytidiL36frUXZ_TGugc-J12fOWIa6OvWNwKQd9H4KNSnYAS9cSw_6-fG09DywlRUlkCWNtnoXJQCUKQNFLk5HRB0yjOePpvGMDOFsPDKRgb9kUF4dvPUT_--fFi3dKDytN4a6FSMahg_VuEyqVmbpozZ8EIfISzXaxtFjoXZFqQ_kTlnyEfRdL4j37nH65ZKhdr-lNcYww3QPxyPaBj26QhHgtjaU3_CLGB5LaABJNuAFlSE8m6h6soyHeOVMevvJM3V1A3XniOmPz7p59mpIY8qGc08e1rYwgA8xiudCT9Vh6jq_eEpQflEnUkgY6RFQ0B8SOYEXpvAiW501JZTWWn82e0paOu-9W9aJBOA&cid=CAASEuRoXgktIo5jNvFT5ygs48Jyvw&rfl=1%2Chttps%253A%252F%252Fwww.posthaus.com.br%252F%240 Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5275e2d7c1df41dd7243c3232dcffe3ed9ae90c16a05b404bbcedd84872a0fc7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23565 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0688	42 B 63 B	73ms 53ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtofjefCdjih-OZ5JpAKs65vA9H9LYSA3tOqCQx3jtXcL--GI5Qfi7WDja5wiXwOnXGW0DjMFOfEbQmkWnYTJ4CMUbaz5fSybZMhpSYVWCqGjsfkQ Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 0688	2 KB 1 KB	18ms 11ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:25:17 GMT content-encoding gzip x-content-type-options nosniff age 168 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 01:25:17 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0688	118 KB 36 KB	28ms 18ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621251134821955" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36689 x-xss-protection 0 expires Tue, 18 May 2021 01:28:05 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 0688	13 KB 6 KB	18ms 9ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 00:26:53 GMT content-encoding gzip x-content-type-options nosniff age 3672 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 00:26:53 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame 0688	0 0	31ms 13ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQf9Q1GmrY7NHQhAong1O4GziBeCphdRXUgfZU5YFiInCa4UogjK3yZLlvT291Q0JRdKeGPKqMtBWUPNX2ojxKgKYvUoQ Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 6AC0	111 KB 39 KB	88ms 6ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 19:21:03 GMT content-encoding gzip x-content-type-options nosniff age 22022 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 18 May 2021 19:21:03 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/ Frame 6AC0	8 KB 3 KB	22ms 6ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dzym_-dPobeIbSPV70LMuC_BmYlUpCR5A2e6mSqyDxkEY5T9zNZb2r5GDVNaZi3-BR3tiAh82lYO-v4EAfVdx0kLlM0sPicxTkWumzg4DEgcQ-6EAbQu6a0ZUDjKu0xF_b4g25wjdGBNSorqeTH4gk1kJwJQ&dbm_d=AKAmf-AamC3OlGM7wQa7i-ncwYDcxqzmStFuBAjBo905Ov9wy88gacqmk8ygozgGTfW6bBWWGEPDNkjHah8rlJgKAwzjL3PguzINvYcpp2MXWiD9fteoUEWS4tmjV-3RLZdWo8roZaG5A8RkMFZxSr1MXxlqZGERH33G_2tGuuZk_EK1XB02QfGgtIpr9pbqjcRWdvJ2ZruQ63UXJL2kwy8UxIFbo2DlsQvR7Z8ZwRr0V7uxS25dHvfJV0rZWzl_Apzln4QCPgiOuY9FC9KpTY7iyiTgJBzDnjZCo3AT3F_7XO0_UwJhfM9KdmpjPbyVIEeLvhggslfDdN9FuVmiKBPk1GgLV8ddNUqVmSxSV-lpjtY48Z_mimqRdCK7yB2F5qg6zqG1JxZwrozhrqHI2DEtodxV6s-e0KvHoe5Vl3YPtb6B2sR8d397i5hHSdK2FvINyXe82uIZDA00sw94_Y6h7QFSdhElc3ltRU2_rubgkXt-gd1U-nZikb7qFWd8bMsgZb9rJVsh_ISXFF-sflkPG4Cr4R5X0MeES1VLlHpGFs4pldpiEi5IJsP0RqKTh48M9NkQdBe7mqr_nRBHtqdMbSAtQ1JHFv2P_3iWHSrvF7-Vtd_zxWv-CFRURveCJfE4tMYPzrCvOcR1zXglkmqKnpHS97Mq0-xifJxL18zywLLYDGtO32pqXlsayw1q4WvDLEgOgvAjmkJOr1mMX72Ls5_JosP58wJ5MoScUlGD260Sg17OUo_cdZh96hEl8sGyP0Mbimd4h_l_VAOXcsgSBU8UB3arHi8mXKkRJqtrIhJsdiq2VmMC5skF9qcwyaJZ_YRhybRP-qG2IBBwUrIeBAxHjC3GlIQf3kSKdBEvVMRTuUccOGk6a0w5YMp15ELhDaAxTUPWk-r2feXLaXuty-skWN4wSg3yBqD_EXF1UYIXhcatrpTOJtci0wPkc76V9gZdJvrPRP1aoPIEKhDQ5sAklQf9Pj_Tl55-EKqkQTT-J0LT3Y42QHfqiDNsKP-zsxo8Rc1tb92evF5LxdrxwYvf8CxXsYo7sIIMCm95r_AlkTq2JWmWGA32sfsyr-HLVVmdhssZDdqY-jdt24mdQsZGKczo3ZB_AI-tkJYbZRcok1JmOUSHLts9yAOHCQqkNzW6rHYRTYATDkVDhGWbwBSZdX3pw9AaQxP_qCuFUJgbc39bXJ5-s2ndiZDliAQkso77UEj07R-lS9zhvP_LuPvwYd6kxSbS6vIGNo4BjZRZiCb1nxTbTxy-99BjS-2rHwFZ3g8HifyXJA7CFceMPUWYwPgdRCxG_8zrYvUx4-MKdATtvjLPzGhfCZBwuYaa9UfsgVSghw49CTBJUsbi8Qfbufppu5S1x5MIbhjkDUvksFcsnIlQ2PcXT3643xbxVSiuz-xKi7FYDAAgXmoglflZ05BKYa2hzWT3uCDV3hx-rO2PrPJ4WKeV-E7PwpRlkSU-KEhsGyEDCoUsyuDQ1-6Nirmp0In8reVRgt4fU2TQWCYenOaZqDMaMkbHtTsUqirfjOcT2bmJCQjjgt2Q3M8Mavz8AIdyOtb1wLl8wEmiUM4O3b2Y3jFktxqngHspajMc60_91QARG0fGL5fK3Y6RkB4XffX6v16iQ0DvoBf64Ojr9Xw43OllyhCuz4gQ8grQ4glK6dnYCZZ-k6PyUku2nN3zyJLVUaDZgDOf-9E-IJBHBJ42May_VOu5nV4bRZZPXLp5yV6eOWrluILXi6zoUtcYhE544NcxMpowp7ZhCNQk82LvcxHnytY_vuOPcXaovotI0XK-7TCMQ5uNhNqIeHjRA0H4MaZ3lwu_gPnavIWlhRQy51qRfDihCULawKXCtd0hG_GxalAP33M6WGhsn7BY-56Y6P1NwEIe2JRzlzJ3WyHyceqGRSudx309VbfRzX0gIpXtQ3JdodcNylH2tHwrxwgS-1im2L68pqcU7glKWoeWj01HiJsWzT7-Qp0gJmaIc1hkznUfs_RwuCdVAfJ0B2mtkL_X1WF8_q26y3Uh0HcdhRMMVJTYJZumtRDa29oD9YXFofdjkPDMIf2J-noPKHPnifA-RoxiWolWysSOfwFy9C5udgH4Io1nhk4NoF-NibgDtyoFmthskOhZ8jn8ICBDCq0vu-RqXH2SXXbFqLmBotvolxDjNsRP4fDEYjXmoWT0G1VJSETEW3HqDmffrRoiQjmvxR1vwHsfw92GRxv9OKwfz4c_9-D4aYTF3D3XLjJdEpjmexXV1wML_ulF8DkCADEWt3o1IPF5z7vtRXdILV6DNoJ4frzjgA9UO0Nu4qr8ShGD0YgQmYAWpe2EA-UyylW13oMu1KQrZhbsftk31GNKo2zP4lSd5jnGjMpm4YTU0y6uF-c4kmEpoQVtG3G5jno80sD8GO-JN26uMo9KDlQIKhZhtWRXflRI3SacTl8kqf0dsqM0zxiF_AdFTYFo_cfl-w53DMpBIVrRvDMCxo5Uk76860haEERGxpRcNBj6fdOVMrYgv6ro-qju9jznQZEda4BiKZm4NAHkXixymRc321_83-fT6UNmbcTRHhPXvXdx17nkXQaardVxrIJ9gBe9SMdHSWr8Xm5bubPd4YKQ3vBcWnPnzZmN_EVNkUrvY3-8Q1o9W5Ua3k19LZjMdbXIuAQc6-l-cgvz81YgZt0o0j4QYpnNZ-DsjN5JXo7PaXdk167KBqpi4lXnHg7cIRQbbfibs4oFg3iN6Wde_0ME3yoTvqJE5pJZKYzJj2PpdTr6BcIZj5O2m07cVQQ6tCDpns6u81bzSKB559KpOWUam3UdAet5PyefloWgF1voVfgb1J9v4ys92aK4-nU3Musv8aPfC31ESDXd_rtYf6lBO6o84LjpbKrcba_1sYGL2vRQUvaj9y9wi0SDcEiSVjgykOvGPa4vx8OSlxFVsQR0Xza7xadqQA3sOm8QssyvaIL7UauTLASVvSCMUGGgyMf0QuUVSKC11q0mfqYXQTbNdfgEV9BRwLiidDWGzENA_Y-y5QskK6ZDayUp62iXcXtos_U89ITLyqxqnJrDHRj5znfhgz8GxA-xyQCSKCt_NzSqkHOAfEzfV05K9eBp5NzQlH2f31--qlcYXRiFWAGG5Hyp8ERV2gq2i8Q9qovSQXVnPrlFOd9nWgzMPA&cid=CAASEuRoxZn9FFqLLwNn3VQFrBiewQ&rfl=1%2Chttps%253A%252F%252Fwww.posthaus.com.br%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 00:40:22 GMT content-encoding gzip x-content-type-options nosniff age 2863 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 00:40:22 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 6AC0	22 KB 8 KB	38ms 37ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dzym_-dPobeIbSPV70LMuC_BmYlUpCR5A2e6mSqyDxkEY5T9zNZb2r5GDVNaZi3-BR3tiAh82lYO-v4EAfVdx0kLlM0sPicxTkWumzg4DEgcQ-6EAbQu6a0ZUDjKu0xF_b4g25wjdGBNSorqeTH4gk1kJwJQ&dbm_d=AKAmf-AamC3OlGM7wQa7i-ncwYDcxqzmStFuBAjBo905Ov9wy88gacqmk8ygozgGTfW6bBWWGEPDNkjHah8rlJgKAwzjL3PguzINvYcpp2MXWiD9fteoUEWS4tmjV-3RLZdWo8roZaG5A8RkMFZxSr1MXxlqZGERH33G_2tGuuZk_EK1XB02QfGgtIpr9pbqjcRWdvJ2ZruQ63UXJL2kwy8UxIFbo2DlsQvR7Z8ZwRr0V7uxS25dHvfJV0rZWzl_Apzln4QCPgiOuY9FC9KpTY7iyiTgJBzDnjZCo3AT3F_7XO0_UwJhfM9KdmpjPbyVIEeLvhggslfDdN9FuVmiKBPk1GgLV8ddNUqVmSxSV-lpjtY48Z_mimqRdCK7yB2F5qg6zqG1JxZwrozhrqHI2DEtodxV6s-e0KvHoe5Vl3YPtb6B2sR8d397i5hHSdK2FvINyXe82uIZDA00sw94_Y6h7QFSdhElc3ltRU2_rubgkXt-gd1U-nZikb7qFWd8bMsgZb9rJVsh_ISXFF-sflkPG4Cr4R5X0MeES1VLlHpGFs4pldpiEi5IJsP0RqKTh48M9NkQdBe7mqr_nRBHtqdMbSAtQ1JHFv2P_3iWHSrvF7-Vtd_zxWv-CFRURveCJfE4tMYPzrCvOcR1zXglkmqKnpHS97Mq0-xifJxL18zywLLYDGtO32pqXlsayw1q4WvDLEgOgvAjmkJOr1mMX72Ls5_JosP58wJ5MoScUlGD260Sg17OUo_cdZh96hEl8sGyP0Mbimd4h_l_VAOXcsgSBU8UB3arHi8mXKkRJqtrIhJsdiq2VmMC5skF9qcwyaJZ_YRhybRP-qG2IBBwUrIeBAxHjC3GlIQf3kSKdBEvVMRTuUccOGk6a0w5YMp15ELhDaAxTUPWk-r2feXLaXuty-skWN4wSg3yBqD_EXF1UYIXhcatrpTOJtci0wPkc76V9gZdJvrPRP1aoPIEKhDQ5sAklQf9Pj_Tl55-EKqkQTT-J0LT3Y42QHfqiDNsKP-zsxo8Rc1tb92evF5LxdrxwYvf8CxXsYo7sIIMCm95r_AlkTq2JWmWGA32sfsyr-HLVVmdhssZDdqY-jdt24mdQsZGKczo3ZB_AI-tkJYbZRcok1JmOUSHLts9yAOHCQqkNzW6rHYRTYATDkVDhGWbwBSZdX3pw9AaQxP_qCuFUJgbc39bXJ5-s2ndiZDliAQkso77UEj07R-lS9zhvP_LuPvwYd6kxSbS6vIGNo4BjZRZiCb1nxTbTxy-99BjS-2rHwFZ3g8HifyXJA7CFceMPUWYwPgdRCxG_8zrYvUx4-MKdATtvjLPzGhfCZBwuYaa9UfsgVSghw49CTBJUsbi8Qfbufppu5S1x5MIbhjkDUvksFcsnIlQ2PcXT3643xbxVSiuz-xKi7FYDAAgXmoglflZ05BKYa2hzWT3uCDV3hx-rO2PrPJ4WKeV-E7PwpRlkSU-KEhsGyEDCoUsyuDQ1-6Nirmp0In8reVRgt4fU2TQWCYenOaZqDMaMkbHtTsUqirfjOcT2bmJCQjjgt2Q3M8Mavz8AIdyOtb1wLl8wEmiUM4O3b2Y3jFktxqngHspajMc60_91QARG0fGL5fK3Y6RkB4XffX6v16iQ0DvoBf64Ojr9Xw43OllyhCuz4gQ8grQ4glK6dnYCZZ-k6PyUku2nN3zyJLVUaDZgDOf-9E-IJBHBJ42May_VOu5nV4bRZZPXLp5yV6eOWrluILXi6zoUtcYhE544NcxMpowp7ZhCNQk82LvcxHnytY_vuOPcXaovotI0XK-7TCMQ5uNhNqIeHjRA0H4MaZ3lwu_gPnavIWlhRQy51qRfDihCULawKXCtd0hG_GxalAP33M6WGhsn7BY-56Y6P1NwEIe2JRzlzJ3WyHyceqGRSudx309VbfRzX0gIpXtQ3JdodcNylH2tHwrxwgS-1im2L68pqcU7glKWoeWj01HiJsWzT7-Qp0gJmaIc1hkznUfs_RwuCdVAfJ0B2mtkL_X1WF8_q26y3Uh0HcdhRMMVJTYJZumtRDa29oD9YXFofdjkPDMIf2J-noPKHPnifA-RoxiWolWysSOfwFy9C5udgH4Io1nhk4NoF-NibgDtyoFmthskOhZ8jn8ICBDCq0vu-RqXH2SXXbFqLmBotvolxDjNsRP4fDEYjXmoWT0G1VJSETEW3HqDmffrRoiQjmvxR1vwHsfw92GRxv9OKwfz4c_9-D4aYTF3D3XLjJdEpjmexXV1wML_ulF8DkCADEWt3o1IPF5z7vtRXdILV6DNoJ4frzjgA9UO0Nu4qr8ShGD0YgQmYAWpe2EA-UyylW13oMu1KQrZhbsftk31GNKo2zP4lSd5jnGjMpm4YTU0y6uF-c4kmEpoQVtG3G5jno80sD8GO-JN26uMo9KDlQIKhZhtWRXflRI3SacTl8kqf0dsqM0zxiF_AdFTYFo_cfl-w53DMpBIVrRvDMCxo5Uk76860haEERGxpRcNBj6fdOVMrYgv6ro-qju9jznQZEda4BiKZm4NAHkXixymRc321_83-fT6UNmbcTRHhPXvXdx17nkXQaardVxrIJ9gBe9SMdHSWr8Xm5bubPd4YKQ3vBcWnPnzZmN_EVNkUrvY3-8Q1o9W5Ua3k19LZjMdbXIuAQc6-l-cgvz81YgZt0o0j4QYpnNZ-DsjN5JXo7PaXdk167KBqpi4lXnHg7cIRQbbfibs4oFg3iN6Wde_0ME3yoTvqJE5pJZKYzJj2PpdTr6BcIZj5O2m07cVQQ6tCDpns6u81bzSKB559KpOWUam3UdAet5PyefloWgF1voVfgb1J9v4ys92aK4-nU3Musv8aPfC31ESDXd_rtYf6lBO6o84LjpbKrcba_1sYGL2vRQUvaj9y9wi0SDcEiSVjgykOvGPa4vx8OSlxFVsQR0Xza7xadqQA3sOm8QssyvaIL7UauTLASVvSCMUGGgyMf0QuUVSKC11q0mfqYXQTbNdfgEV9BRwLiidDWGzENA_Y-y5QskK6ZDayUp62iXcXtos_U89ITLyqxqnJrDHRj5znfhgz8GxA-xyQCSKCt_NzSqkHOAfEzfV05K9eBp5NzQlH2f31--qlcYXRiFWAGG5Hyp8ERV2gq2i8Q9qovSQXVnPrlFOd9nWgzMPA&cid=CAASEuRoxZn9FFqLLwNn3VQFrBiewQ&rfl=1%2Chttps%253A%252F%252Fwww.posthaus.com.br%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:25:03 GMT content-encoding gzip x-content-type-options nosniff age 182 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8628 x-xss-protection 0 server cafe etag 13108869059872076478 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 01:25:03 GMT
GET H2	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 4ADB	111 KB 38 KB	17ms 14ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 19:21:03 GMT content-encoding gzip x-content-type-options nosniff age 22022 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 18 May 2021 19:21:03 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/ Frame 4ADB	8 KB 3 KB	10ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CK_AJY7MJ09BSPHprhq5sp1pU4eKbbD_FHg5Lki0bFgiJpTOaJoLdOs0mjWKI2pc-947rtVDQ9wWXONhKogXcusNsxAfj6qbz0f3zdUuQ7Ld-m70s2FtBA8DNmI7RUJPI1vpxTCvNBLMtEF-WJTlfcEZuHqQ&dbm_d=AKAmf-CS6T1DpWwPMVFsCUf1FrbaqqC1bwhIXi7vSOjQpXvJ8D_Uv0kBP3ZC6kxKvAU-Xyq_VK-KwNgrpNxs2K4ZNg1YWJmBaLyCJTXe7JBijtlMhO5V-py8fHLYzqg6zspZJ5iGnNbbGdKBNI6aOyxLm0s-Rep1Iff6FXBfVdxLfxsga_Zj6YfvaysHO2eRNB6tSupPUKZ7ZC1Jh6B2PZ8sCKvLXugjUrXAwd8Qi6BBwlmvqUKmmyFOoaSiZB7gQSYaRoo1TzHiWXRl1DZ1o93GUWWI8aJLSicex0ILqTIgkpzGcNRMr71bGuaPsbV3vzCUSy4YVCQrUKSUkIWej9om1q0SwTuQ0J83LMIsEDwvMg9u-xDuHsYlGNIyPHYmnDI-nAymJ_P1c-ZnV37aULha2Wulzqnfwo-oOy3C1LCf5kiBqEfKXhAJEMEID0Zl9EiZ9Cp2xa1Rgwfg4_s1qd2wnQDAPNRJj-0GhOjB0ze_7SFxr6k9dG1muGYGQbGUDk1x9jz2nF91BfaE6yLSdcxEBImAk-srTwvxih7WBefaRcg-Ca1SR48hDOixpN5niSb-uk3MT5tJFKdF1bxmUzVWEGhPxKmmS51LXXq-6_Nak9rrrx0A9RXtwjiT5m2odxHbtIPuPOtlGouz8PE7SZYTPMLEO5wPLsXawvRz06H7m8oS58eVtHJBRqJw38zAtY_r-8EaGeUgVG9YKHg3-3iwuGXuZoTH09ewhYPqdgULvf2YsFp8Sq403qbn4Y9XOuu0untgkm6wfHKVSjWJ971a9QpBCrBzpRSMmj5ED6qRE1IygV22ZcGVqiERkRZIDjoL_bg1iRQYjxtndkFuppDqmV0KcErstIhEE1GHltHDnTTlEMVlRYKkCwi5ZwmmeMeIefm67zKXMmeKK_IzdW1VK9mvFxEQ2Ban9frIzeGMPj_28617VPqnhj9lHiWEVn3loWqZ9EytVR6guloYYgVnZwPa7tBtzjs0u5TsTnkbLyl7x0-L0Avsyu4jE9kCxLSK37aNpWGqCiVkn8RmxRyR4yiLYOLyTb3mczfeYD0SjFOTSVRZgpAkA1ZTf_oXJOlMW6P6dhIkgnCmIVUM_u6Mi55XLAmT73wMaW1YvAsMF6K7c9GDGgxnm5D3S9vNirhl1iBH-F5loEx0sTpgb5qnECNzxY1Dtccjt2ir4O8Z3lxl0vyZMU3UYmjx6QIbLIqaZv4JbN9JATAsUaTOX3NV77lVSpIusm3ermV-Eu6GMOoj9GI1DApqzO7NUPvroPFO53i49WK3NJlj3pI-fEEhXr2zZdq5rDenFF8Mm08tE1HpW4J1qmRh_U1_AEbwI9dwwQt4OVrEpxSr9sXng82ZKfIHlkh_KF_4KHMdb6hlM3mOVMYZ-REQ9xjPfJqlEoh1Qt94Hwva315lXG4QpYMkYGcy7KrYH_e2n6TwrNtYclbwXSy9NLjd6UhW_6WJPUbT64_Ht9qyOfftxpfNsH_k8SqoD51HEjQtYC2kmOosnEgPcvkXlEgcNuFv16fvPlpx-axDXAKe_T2e45joiJh6MOFOu6RJfsBKyUJJZ5Cx5v_MT5KT8L19Xs1eB93qpHXMvW6KVKaDcRvrDIVReJOTthpei27tvXtqHax69qm6Y7YLLFVPqrNIupjUEY4q01q6g_GGAk_fgLDyjJOVSfxccFSgNhxtx3A9cHUpoMS7k4IeAYi1-7ynHFRbKutHuSbwqmYxK-luLqAbLfbCliyrurw6scAwX4JJqrWZJOC8r0W0Cgc-hiIUfkDORYzkdABSSxsAYlFCwvezh_hI4ZYqlirwfgdg7QzsjMIhCMIE1ekBpUtjRn_ahwWvJTnMcStbca8TM5gllMmhiWdvE627c51-HreE8DdWyOALefHgJ0TXCTXMvfKOKI2bS71bCvVA8-FVtm2JN23Zy0p7bboqbUERbq2Ef_QPg5MKzh6r3M3Su8GzHo8DQ2mowYPpkhBNTCR9JmzzCt4hoN8uP6SPM3ILEjAlODb1hLgvnjltZWf_1TQ8UJmo97FbEGHbb6Ounb9rCW0O4gvJd4jrLbEXqFpC5peV4PIUBtiZOWEX7SOvPMoZWAULxKnSA7yDjZ0t_SGwWBkFGKGROFIAbXhd9Yy_QgnlSwhz1UbbxKM1tYUdSssR94AFDBtxcGqDMv2n1tonXcdmW1O8D5Me5yJqGwV90heD-TKDICSEI09Zbq23MUa-k4aEqo1-1j4hOoE223msdOUkfV3X6G0Dm9SIwNft9Vr75OTDcPL7NP8M1HQytm3cK1Yp97JU_RCLbyyoo6ll9S0e7f16jU24HA86CpBC2VozB6SlaxoY7id10rX4c8Lg8vpYkJV_Ndb4SJOUDp94oNcBue32igMrUCx43zTLyKmN84lh_GphrJNNGKmmE5pnZbdUGVyYN9WtKnlwELFcNegbxHUB9AbybUzrGeZW_idE2VF_nOsfqbAu8Wfl3IV3BXLix5yNn-C52eHyrzqtvZNsi70Was6JPYXcemJCAaxuAQeuFo8dNkBOiILUn5KZAkI_zT93PFbbWTvaB3sWbV8z5lxtdvBZyc3yZtowKUccqGNYbmdRYssDpkfjDciXNdTJpetBGGNRkzbBA33N91HlJpsTF6WXLYgBsyfvZTfFtOa5rhU_z-VTXBWafF3hlbC6t3ZVvV9WVsZtVBRN3yAz-gMYPAvEuh4h-AIVMKhuROPdDhafrr1RrxUjr5ol9EFxjgrUK9Y9RzLUHFdz-y4h42-d_1U9oSD-xIvpsyNL7pxJEkSto3TFJHXw9n3I2dH-gCPG5w3tTfk1oYs9uRwOnWifyb2RFFyZknyYdz67tXA3LqRP1xmmb1QhSMdgoVtYCkjDIsT29JlIIQQ6z5L1BEO8O8UBTxqQipegDSB04DUM8si_zBZuHLjwvup6-LwVsmTT8-eGeLLPJU0xFcni5efR_NCeRY4m2EvxMmZc1HsYQxpOSrGfTJfVX02x6WqdX2WQtVzaFxcW7btP66bpW4Scm8cgag8KKcoNEETLYvZi9QXdeKxyo54-taSBOxfCr1E-i2it1O5FYO0IlbN9TcmFlht0mU2F5vAH0DvSRWdmKZVyKmKSLVLOHRo82ZUQceowSQ9g7iVyTorYWcUhc_6kwpB08seCqbd2iHZVig&cid=CAASEuRojc5w1WeNZAcMd_DvlT57EA&rfl=1%2Chttps%253A%252F%252Fwww.posthaus.com.br%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 00:40:22 GMT content-encoding gzip x-content-type-options nosniff age 2863 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 00:40:22 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 4ADB	22 KB 8 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CK_AJY7MJ09BSPHprhq5sp1pU4eKbbD_FHg5Lki0bFgiJpTOaJoLdOs0mjWKI2pc-947rtVDQ9wWXONhKogXcusNsxAfj6qbz0f3zdUuQ7Ld-m70s2FtBA8DNmI7RUJPI1vpxTCvNBLMtEF-WJTlfcEZuHqQ&dbm_d=AKAmf-CS6T1DpWwPMVFsCUf1FrbaqqC1bwhIXi7vSOjQpXvJ8D_Uv0kBP3ZC6kxKvAU-Xyq_VK-KwNgrpNxs2K4ZNg1YWJmBaLyCJTXe7JBijtlMhO5V-py8fHLYzqg6zspZJ5iGnNbbGdKBNI6aOyxLm0s-Rep1Iff6FXBfVdxLfxsga_Zj6YfvaysHO2eRNB6tSupPUKZ7ZC1Jh6B2PZ8sCKvLXugjUrXAwd8Qi6BBwlmvqUKmmyFOoaSiZB7gQSYaRoo1TzHiWXRl1DZ1o93GUWWI8aJLSicex0ILqTIgkpzGcNRMr71bGuaPsbV3vzCUSy4YVCQrUKSUkIWej9om1q0SwTuQ0J83LMIsEDwvMg9u-xDuHsYlGNIyPHYmnDI-nAymJ_P1c-ZnV37aULha2Wulzqnfwo-oOy3C1LCf5kiBqEfKXhAJEMEID0Zl9EiZ9Cp2xa1Rgwfg4_s1qd2wnQDAPNRJj-0GhOjB0ze_7SFxr6k9dG1muGYGQbGUDk1x9jz2nF91BfaE6yLSdcxEBImAk-srTwvxih7WBefaRcg-Ca1SR48hDOixpN5niSb-uk3MT5tJFKdF1bxmUzVWEGhPxKmmS51LXXq-6_Nak9rrrx0A9RXtwjiT5m2odxHbtIPuPOtlGouz8PE7SZYTPMLEO5wPLsXawvRz06H7m8oS58eVtHJBRqJw38zAtY_r-8EaGeUgVG9YKHg3-3iwuGXuZoTH09ewhYPqdgULvf2YsFp8Sq403qbn4Y9XOuu0untgkm6wfHKVSjWJ971a9QpBCrBzpRSMmj5ED6qRE1IygV22ZcGVqiERkRZIDjoL_bg1iRQYjxtndkFuppDqmV0KcErstIhEE1GHltHDnTTlEMVlRYKkCwi5ZwmmeMeIefm67zKXMmeKK_IzdW1VK9mvFxEQ2Ban9frIzeGMPj_28617VPqnhj9lHiWEVn3loWqZ9EytVR6guloYYgVnZwPa7tBtzjs0u5TsTnkbLyl7x0-L0Avsyu4jE9kCxLSK37aNpWGqCiVkn8RmxRyR4yiLYOLyTb3mczfeYD0SjFOTSVRZgpAkA1ZTf_oXJOlMW6P6dhIkgnCmIVUM_u6Mi55XLAmT73wMaW1YvAsMF6K7c9GDGgxnm5D3S9vNirhl1iBH-F5loEx0sTpgb5qnECNzxY1Dtccjt2ir4O8Z3lxl0vyZMU3UYmjx6QIbLIqaZv4JbN9JATAsUaTOX3NV77lVSpIusm3ermV-Eu6GMOoj9GI1DApqzO7NUPvroPFO53i49WK3NJlj3pI-fEEhXr2zZdq5rDenFF8Mm08tE1HpW4J1qmRh_U1_AEbwI9dwwQt4OVrEpxSr9sXng82ZKfIHlkh_KF_4KHMdb6hlM3mOVMYZ-REQ9xjPfJqlEoh1Qt94Hwva315lXG4QpYMkYGcy7KrYH_e2n6TwrNtYclbwXSy9NLjd6UhW_6WJPUbT64_Ht9qyOfftxpfNsH_k8SqoD51HEjQtYC2kmOosnEgPcvkXlEgcNuFv16fvPlpx-axDXAKe_T2e45joiJh6MOFOu6RJfsBKyUJJZ5Cx5v_MT5KT8L19Xs1eB93qpHXMvW6KVKaDcRvrDIVReJOTthpei27tvXtqHax69qm6Y7YLLFVPqrNIupjUEY4q01q6g_GGAk_fgLDyjJOVSfxccFSgNhxtx3A9cHUpoMS7k4IeAYi1-7ynHFRbKutHuSbwqmYxK-luLqAbLfbCliyrurw6scAwX4JJqrWZJOC8r0W0Cgc-hiIUfkDORYzkdABSSxsAYlFCwvezh_hI4ZYqlirwfgdg7QzsjMIhCMIE1ekBpUtjRn_ahwWvJTnMcStbca8TM5gllMmhiWdvE627c51-HreE8DdWyOALefHgJ0TXCTXMvfKOKI2bS71bCvVA8-FVtm2JN23Zy0p7bboqbUERbq2Ef_QPg5MKzh6r3M3Su8GzHo8DQ2mowYPpkhBNTCR9JmzzCt4hoN8uP6SPM3ILEjAlODb1hLgvnjltZWf_1TQ8UJmo97FbEGHbb6Ounb9rCW0O4gvJd4jrLbEXqFpC5peV4PIUBtiZOWEX7SOvPMoZWAULxKnSA7yDjZ0t_SGwWBkFGKGROFIAbXhd9Yy_QgnlSwhz1UbbxKM1tYUdSssR94AFDBtxcGqDMv2n1tonXcdmW1O8D5Me5yJqGwV90heD-TKDICSEI09Zbq23MUa-k4aEqo1-1j4hOoE223msdOUkfV3X6G0Dm9SIwNft9Vr75OTDcPL7NP8M1HQytm3cK1Yp97JU_RCLbyyoo6ll9S0e7f16jU24HA86CpBC2VozB6SlaxoY7id10rX4c8Lg8vpYkJV_Ndb4SJOUDp94oNcBue32igMrUCx43zTLyKmN84lh_GphrJNNGKmmE5pnZbdUGVyYN9WtKnlwELFcNegbxHUB9AbybUzrGeZW_idE2VF_nOsfqbAu8Wfl3IV3BXLix5yNn-C52eHyrzqtvZNsi70Was6JPYXcemJCAaxuAQeuFo8dNkBOiILUn5KZAkI_zT93PFbbWTvaB3sWbV8z5lxtdvBZyc3yZtowKUccqGNYbmdRYssDpkfjDciXNdTJpetBGGNRkzbBA33N91HlJpsTF6WXLYgBsyfvZTfFtOa5rhU_z-VTXBWafF3hlbC6t3ZVvV9WVsZtVBRN3yAz-gMYPAvEuh4h-AIVMKhuROPdDhafrr1RrxUjr5ol9EFxjgrUK9Y9RzLUHFdz-y4h42-d_1U9oSD-xIvpsyNL7pxJEkSto3TFJHXw9n3I2dH-gCPG5w3tTfk1oYs9uRwOnWifyb2RFFyZknyYdz67tXA3LqRP1xmmb1QhSMdgoVtYCkjDIsT29JlIIQQ6z5L1BEO8O8UBTxqQipegDSB04DUM8si_zBZuHLjwvup6-LwVsmTT8-eGeLLPJU0xFcni5efR_NCeRY4m2EvxMmZc1HsYQxpOSrGfTJfVX02x6WqdX2WQtVzaFxcW7btP66bpW4Scm8cgag8KKcoNEETLYvZi9QXdeKxyo54-taSBOxfCr1E-i2it1O5FYO0IlbN9TcmFlht0mU2F5vAH0DvSRWdmKZVyKmKSLVLOHRo82ZUQceowSQ9g7iVyTorYWcUhc_6kwpB08seCqbd2iHZVig&cid=CAASEuRojc5w1WeNZAcMd_DvlT57EA&rfl=1%2Chttps%253A%252F%252Fwww.posthaus.com.br%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:25:03 GMT content-encoding gzip x-content-type-options nosniff age 182 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8628 x-xss-protection 0 server cafe etag 13108869059872076478 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 01:25:03 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 11DA Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlQRrDwBgF28J7NCYR5VD8&google_cver=1	43 B 1014 B	53ms 49ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlQRrDwBgF28J7NCYR5VD8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYzqmJkgEwAQ&v=APEucNW-z__4NEMkCI_NHV4ThLp6w_p-j48sCCB3qrAUH8P24AhdP1RjxhlJxPrZHnIVQouMtcYlLbl1vp1kkI9dLw7r-rI_gtsixoRIMZT31ey2ji-iCIxmsC6GDTasDPmd5vgeZt-J7onRBQKZDwFqmsDWUz-Wp-bW8Za86oAUDushN-1vV00eJ5yZvSrrJOjco4kfLqDdfRCRMdCg4bQ7Tvxq5XR_vg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 18 May 2021 01:28:05 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 18 May 2021 01:28:05 GMT Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlQRrDwBgF28J7NCYR5VD8&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 11DA Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKMYJdfL4IdRdO3D0i7h-wAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlQRrDwBgF28J7NCYR5VD8&google_cver=1	43 B 894 B	136ms 133ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlQRrDwBgF28J7NCYR5VD8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYzqmJkgEwAQ&v=APEucNW-z__4NEMkCI_NHV4ThLp6w_p-j48sCCB3qrAUH8P24AhdP1RjxhlJxPrZHnIVQouMtcYlLbl1vp1kkI9dLw7r-rI_gtsixoRIMZT31ey2ji-iCIxmsC6GDTasDPmd5vgeZt-J7onRBQKZDwFqmsDWUz-Wp-bW8Za86oAUDushN-1vV00eJ5yZvSrrJOjco4kfLqDdfRCRMdCg4bQ7Tvxq5XR_vg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 18 May 2021 01:28:06 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 18 May 2021 01:28:06 GMT Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlQRrDwBgF28J7NCYR5VD8&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 11DA Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEFgBrRu25yIfbML6BbjHxz0&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFgBrRu25yIfbML6BbjHxz0%26google_cver%3D1	43 B 1 KB	106ms 55ms	Image image/gif	185.33.220.241 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFgBrRu25yIfbML6BbjHxz0%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYzqmJkgEwAQ&v=APEucNW-z__4NEMkCI_NHV4ThLp6w_p-j48sCCB3qrAUH8P24AhdP1RjxhlJxPrZHnIVQouMtcYlLbl1vp1kkI9dLw7r-rI_gtsixoRIMZT31ey2ji-iCIxmsC6GDTasDPmd5vgeZt-J7onRBQKZDwFqmsDWUz-Wp-bW8Za86oAUDushN-1vV00eJ5yZvSrrJOjco4kfLqDdfRCRMdCg4bQ7Tvxq5XR_vg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 18 May 2021 01:28:08 GMT X-Proxy-Origin 212.102.36.136; 212.102.36.136; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.154:80 AN-X-Request-Uuid ab68160b-1c4b-4728-9b72-c17a8b409ace Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Tue, 18 May 2021 01:28:08 GMT X-Proxy-Origin 212.102.36.136; 212.102.36.136; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.36:80 AN-X-Request-Uuid 1efe27e3-d80c-4b17-8787-0e391da6a404 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFgBrRu25yIfbML6BbjHxz0%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 11DA Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDM4NjEyNzY3NjgzNzQwNg%3D%3D	170 B 188 B	63ms 63ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDM4NjEyNzY3NjgzNzQwNg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYzqmJkgEwAQ&v=APEucNW-z__4NEMkCI_NHV4ThLp6w_p-j48sCCB3qrAUH8P24AhdP1RjxhlJxPrZHnIVQouMtcYlLbl1vp1kkI9dLw7r-rI_gtsixoRIMZT31ey2ji-iCIxmsC6GDTasDPmd5vgeZt-J7onRBQKZDwFqmsDWUz-Wp-bW8Za86oAUDushN-1vV00eJ5yZvSrrJOjco4kfLqDdfRCRMdCg4bQ7Tvxq5XR_vg Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 18 May 2021 01:28:08 GMT X-Proxy-Origin 212.102.36.136; 212.102.36.136; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.234:80 AN-X-Request-Uuid 97e1bba0-0f32-4ac9-ba59-c089a5135a49 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDM4NjEyNzY3NjgzNzQwNg%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 6C87 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFwVF0FvcN79upJZLCpGejY&google_cver=1	43 B 106 B	60ms 59ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFwVF0FvcN79upJZLCpGejY&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYqrKJkgEwAQ&v=APEucNXld7YVinc7k-BxXn0ir4Yw2pt-oM6HGRO0JcV-Say7PRGNur-64KaMOFWl4O0Xcf6OD0Bi3IB0teW2zLubK2Gky5TRsxIT4aNax9q2yaFtOFCFqt41c1DnElXLDxKqAGZcdgb4--EXQYv14JnOTGYpJ6JExg4lYvAcaZMt80OCFa4I9RF2vch44bhKYTiIucdku-GShIB8FVvSf-UeVup54RLyeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software OXGW/16.207.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT via 1.1 google server OXGW/16.207.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFwVF0FvcN79upJZLCpGejY&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 6C87 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGZlZTE2OWEtZjJjNy0yYWQ4LWMwYTgtMTcxOWRiOWU4NDgy	170 B 188 B	64ms 63ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGZlZTE2OWEtZjJjNy0yYWQ4LWMwYTgtMTcxOWRiOWU4NDgy Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYqrKJkgEwAQ&v=APEucNXld7YVinc7k-BxXn0ir4Yw2pt-oM6HGRO0JcV-Say7PRGNur-64KaMOFWl4O0Xcf6OD0Bi3IB0teW2zLubK2Gky5TRsxIT4aNax9q2yaFtOFCFqt41c1DnElXLDxKqAGZcdgb4--EXQYv14JnOTGYpJ6JExg4lYvAcaZMt80OCFa4I9RF2vch44bhKYTiIucdku-GShIB8FVvSf-UeVup54RLyeg Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 18 May 2021 01:28:05 GMT content-encoding gzip server OXGW/16.207.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGZlZTE2OWEtZjJjNy0yYWQ4LWMwYTgtMTcxOWRiOWU4NDgy content-type image/gif alt-svc clear content-length 0 via 1.1 google
GET H2	200	um sync.teads.tv/ Frame 6C87 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm https://sync.teads.tv/um?eid=3&uid=CAESEL0vNjGkJjUAEAOeHmJ1BrA&google_cver=1	23 B 287 B	1233ms 71ms	Image image/gif	104.111.242.245 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=CAESEL0vNjGkJjUAEAOeHmJ1BrA&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYqrKJkgEwAQ&v=APEucNXld7YVinc7k-BxXn0ir4Yw2pt-oM6HGRO0JcV-Say7PRGNur-64KaMOFWl4O0Xcf6OD0Bi3IB0teW2zLubK2Gky5TRsxIT4aNax9q2yaFtOFCFqt41c1DnElXLDxKqAGZcdgb4--EXQYv14JnOTGYpJ6JExg4lYvAcaZMt80OCFa4I9RF2vch44bhKYTiIucdku-GShIB8FVvSf-UeVup54RLyeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-242-245.deploy.static.akamaitechnologies.com Software akka-http/10.2.3 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:06 GMT cache-control max-age=0, no-cache, no-store expires Tue, 18 May 2021 01:28:06 GMT server akka-http/10.2.3 content-length 23 content-type image/gif Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://sync.teads.tv/um?eid=3&uid=CAESEL0vNjGkJjUAEAOeHmJ1BrA&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 281 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 6C87 Redirect Chain https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTUxYzNjMTctMzFhYi00NjVkLTlhMGItYTQ2MjI0YzQ3MzA1	170 B 188 B	71ms 66ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTUxYzNjMTctMzFhYi00NjVkLTlhMGItYTQ2MjI0YzQ3MzA1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYqrKJkgEwAQ&v=APEucNXld7YVinc7k-BxXn0ir4Yw2pt-oM6HGRO0JcV-Say7PRGNur-64KaMOFWl4O0Xcf6OD0Bi3IB0teW2zLubK2Gky5TRsxIT4aNax9q2yaFtOFCFqt41c1DnElXLDxKqAGZcdgb4--EXQYv14JnOTGYpJ6JExg4lYvAcaZMt80OCFa4I9RF2vch44bhKYTiIucdku-GShIB8FVvSf-UeVup54RLyeg Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:06 GMT server akka-http/10.2.3 content-type text/html; charset=UTF-8 location https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTUxYzNjMTctMzFhYi00NjVkLTlhMGItYTQ2MjI0YzQ3MzA1 cache-control max-age=0, no-cache, no-store content-length 189 expires Tue, 18 May 2021 01:28:06 GMT
GET H3-29	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 0688	111 KB 38 KB	26ms 8ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 19:21:03 GMT content-encoding gzip x-content-type-options nosniff age 22022 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 18 May 2021 19:21:03 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/ Frame 0688	8 KB 3 KB	12ms 12ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRd1ToWT4KutZX6y9_LkFK9BZ8dt1hbmsTXdOrWaxRiFkmRPPxX7csv0wwExnqsJC6SdrzbdNOzvDU6Ex20zZo7zRra8A70i9b3h-_s8y-_VwznMNQOgQMNZAq1PnP_rH1OTCMuiwVPejYDVKlSoncVuiuyw&dbm_d=AKAmf-C3O3XCRzrK1Ta1CzwRoenFjYKWRcP9_rSAvVaj-vSaQ0CenIFtq-wtBQ_RisMJ00KxAb0pFGm3BZgrm1_WhGHw8JHI8CPY2pGt-2icWWHeWYVjXDI_CPxkbvNjL3N_-920bnTXdPT846gw2DzLQN3n3lBA-Gg3MARhafsh-CVslQ2PAwwKF6mFy50Dx1x_3SzZCXRVHBtMBMvoF8xc6ZetMdODA4Zs62IOKB7fRheslvP63gBKxxghbsexsnhLe9T_uUrUwjjWUeIJlcNu7CsUT8EDxcYQMJBOgmmftZHiT0tP6Z0tzIDUuVcSOo3jB921jcLxZMnihYaCG3wRw-ola4vI0s2m15kZ21dHINBhZdueMbSdS-9FIlPva_TnJtmDACcBJYcSqbkWTRVYgK_38Oaa2sD_9kwA7sUfj1qx33UmAk3K5_MVkVYh4ZPaL79ngFziN2W8cnb5ZrQRNRP3XtAYsPAunHIBdPCmkYfDWt5WCuO4iF7_wq67_iY8RsTQz5PYinxGDVieOSwHHBn_eEK8zgdiJGt4g87nUpOoNNDAe6kLHgFNvcwREE_FpNfuECGii9i7jVZPxc8lTW_2m_JTliGjXG3M9IM8-SnMd8if2qTWAXjxQmhEZuVCRjZyLWcigx1F4CYBqdIqualuB4OlxNngpiqT1zsjWN4h_GLbzXCWMckfvbvMD1Rxux6LefuvkBDsYA1_-sQsAzOBdlKsjRGSIooj4b7T9HNgz5lhUIuaaThnJocnKsPrh8lHMrEObdVjiJKj5hh8EG2w-gEZiRC_h_dXZPOoVLWTTsIvYEM7vNbsWhv8XU2sRyDCNdb9A1n1Zg_fx8ngJNgRCYQJ-QJTDbHvM7h_G8q_DhbYWnSnWP-BkOYJGh1JqWwR8l6zSkS49jGRQfBe3lAmJr6EqNWDh8s64tfodcYgJ0EIV5XmoqGNiN9jbFFap7LtJRe8Jrh1qvRmV20PRYVmlJcpAmDqBQynsaOTdG6sQnk3XHDKL1jkLLylQRmm7I9xCDNSD1t96oK1mNZf_MTdMuMimr0K9OCsDf13oKYfN7Q0FVQm55PAe65vDPUujxC1Ee1Zi11EF0QOXv3vXgd6zfbqLQj7R5_vZCWaUCF3kF1nNIjN59dGUCV81tizuTHukWgn71n2cDRHOpfkVMoyXFIu446ukjosE-i0qkIA0gzM_PefqyXxBa-OXtIubzzDsuNQjyV8LsXzDjtCw1vmlHtU78rr6f2akGzULhFHIFxV_OZ30UKwdY1hRbNlznmx70-er3rb6lftVOEUUtbT5M465Lkf_zULFjuV9BjHabpGH4cM1jRljHksBRFSPoT9BVLRKl_siJXbZ1mt5vS7nqT9nImB0paUGWbZ1_jxtBIoUj0icfl-m0QWMnI2MS7Ij8xPEdY68b_9jLkvF3dT4Q9vDemnwiUP8XVRHhU5DrHlx-cof5LIGWUWBF2JSaJc-CutC_J17bLg842H1L7mavWpZv7csJMs1H7pXVjKJgYpniWnKtEUYFhsKdHP7cLfQBolrrKh5Jth_kx2G2f_VO9QT2bSqQ9nUShVwA5Dk2lWu_xGo_62fNGUBrhJf46w1Ck8fY0H-VZaJew52p9Q1Shkz355HcOGoOXM-DWAbnOHPwiV2ZzT1o9VSBKaPjSsu_uAADOZmNbPN7S236dS4Fui9QyLfl5kK4o4FZwU2hIZpZiI38Vzgr5os-9hDG05fWNSpG5A7bSpfYBUgJ5yBtQwipAu7Z5twIQ_0_3QbRKl3OW878SrUU7jatGi8TDEZEE6Q50lWKjVIrNsQyreRucZPIJKf2up_gn5vXESThlTPMBp0otCZLVRJuIS8vW7fpezEoEsjeCVVZCIe2sUHlPBTEx4CpSYzKvLWDWfyIxHuApJe5qlictBp6vLJZSpDyV3HEP9RkcBotV0KCJsk62lhR6fMdEUZ-G77uNgsad2_uzitVHu8YKufqib0E4v-OaHEAxgeQkJ_7JPEB5neEDkKTK8ZtF5yLXSWlo4fT6L7gm797nn_bREIOlOHurMrq9YOWXmj3TRXlD2YcmqpzolHoePHf-6FCVGPmCNf5KEub5j_qkP1_jb2HKOAlVgt1ESCxvp0Z3VdKy5msiVN6tSWmglkaHjykGqVHNSdi6zKuKQJA5kki89V5oeuwItDZJ7Bgqe1I019Rs2rBvUk4OhwlPhGTpfFdGKwT0lJQWxB-DuUCv-eqAHbtF183jLW_VnEWvV9s3pedOmPoPlYLHEU9qT0whPww4Cah5jdt9SWI42NZtYHRo5FKQ-v9V4DCcI07YwhDAz-nRtNqd85kP5WGw2SZZMhuyKP41siQtEi5byM1lZffeUnZ1SzARz1RnxXyPxWyPVv8QPPOSV8gak9v50k6ZhIc2eTVwLfy_xQv79oO4xBBPwj-Y71pn6ortesMJOoEz_bPHdJJy_pyOXxpybgdh_dCdbcivbwqCOfAFHRKzi4JMEV9WedNlUdCZkBZzr_ci5OhSdZmonvHGeKcvVVNk73JtgUGWpDnQQGmfhlHAIocPWKykoyQqGa-MqGp7dgcS6Z94FN-1SG6lJ_g5A9twN3Md1-VYPkOj_7_40FCsZ2MkAtFSjZCFu6xmLRK7hUPai1iNcwFndJsY9UiplbRQBBP2Qg53XoJ5unBfkPLA98_UaGqKmFsC6QYYRP_Wzg-1NC7xkeSVeMAoyeHf8fEwReV7avWk3qwd9zQWLdEFm8h0SFAAEu74Y6Mg8wfg6j3nkmzLf9x5EJemH7e6DTjk_Kv9heDfmNaszxzXqVRytidiL36frUXZ_TGugc-J12fOWIa6OvWNwKQd9H4KNSnYAS9cSw_6-fG09DywlRUlkCWNtnoXJQCUKQNFLk5HRB0yjOePpvGMDOFsPDKRgb9kUF4dvPUT_--fFi3dKDytN4a6FSMahg_VuEyqVmbpozZ8EIfISzXaxtFjoXZFqQ_kTlnyEfRdL4j37nH65ZKhdr-lNcYww3QPxyPaBj26QhHgtjaU3_CLGB5LaABJNuAFlSE8m6h6soyHeOVMevvJM3V1A3XniOmPz7p59mpIY8qGc08e1rYwgA8xiudCT9Vh6jq_eEpQflEnUkgY6RFQ0B8SOYEXpvAiW501JZTWWn82e0paOu-9W9aJBOA&cid=CAASEuRoXgktIo5jNvFT5ygs48Jyvw&rfl=1%2Chttps%253A%252F%252Fwww.posthaus.com.br%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 00:40:22 GMT content-encoding gzip x-content-type-options nosniff age 2863 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 00:40:22 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 0688	22 KB 8 KB	20ms 6ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRd1ToWT4KutZX6y9_LkFK9BZ8dt1hbmsTXdOrWaxRiFkmRPPxX7csv0wwExnqsJC6SdrzbdNOzvDU6Ex20zZo7zRra8A70i9b3h-_s8y-_VwznMNQOgQMNZAq1PnP_rH1OTCMuiwVPejYDVKlSoncVuiuyw&dbm_d=AKAmf-C3O3XCRzrK1Ta1CzwRoenFjYKWRcP9_rSAvVaj-vSaQ0CenIFtq-wtBQ_RisMJ00KxAb0pFGm3BZgrm1_WhGHw8JHI8CPY2pGt-2icWWHeWYVjXDI_CPxkbvNjL3N_-920bnTXdPT846gw2DzLQN3n3lBA-Gg3MARhafsh-CVslQ2PAwwKF6mFy50Dx1x_3SzZCXRVHBtMBMvoF8xc6ZetMdODA4Zs62IOKB7fRheslvP63gBKxxghbsexsnhLe9T_uUrUwjjWUeIJlcNu7CsUT8EDxcYQMJBOgmmftZHiT0tP6Z0tzIDUuVcSOo3jB921jcLxZMnihYaCG3wRw-ola4vI0s2m15kZ21dHINBhZdueMbSdS-9FIlPva_TnJtmDACcBJYcSqbkWTRVYgK_38Oaa2sD_9kwA7sUfj1qx33UmAk3K5_MVkVYh4ZPaL79ngFziN2W8cnb5ZrQRNRP3XtAYsPAunHIBdPCmkYfDWt5WCuO4iF7_wq67_iY8RsTQz5PYinxGDVieOSwHHBn_eEK8zgdiJGt4g87nUpOoNNDAe6kLHgFNvcwREE_FpNfuECGii9i7jVZPxc8lTW_2m_JTliGjXG3M9IM8-SnMd8if2qTWAXjxQmhEZuVCRjZyLWcigx1F4CYBqdIqualuB4OlxNngpiqT1zsjWN4h_GLbzXCWMckfvbvMD1Rxux6LefuvkBDsYA1_-sQsAzOBdlKsjRGSIooj4b7T9HNgz5lhUIuaaThnJocnKsPrh8lHMrEObdVjiJKj5hh8EG2w-gEZiRC_h_dXZPOoVLWTTsIvYEM7vNbsWhv8XU2sRyDCNdb9A1n1Zg_fx8ngJNgRCYQJ-QJTDbHvM7h_G8q_DhbYWnSnWP-BkOYJGh1JqWwR8l6zSkS49jGRQfBe3lAmJr6EqNWDh8s64tfodcYgJ0EIV5XmoqGNiN9jbFFap7LtJRe8Jrh1qvRmV20PRYVmlJcpAmDqBQynsaOTdG6sQnk3XHDKL1jkLLylQRmm7I9xCDNSD1t96oK1mNZf_MTdMuMimr0K9OCsDf13oKYfN7Q0FVQm55PAe65vDPUujxC1Ee1Zi11EF0QOXv3vXgd6zfbqLQj7R5_vZCWaUCF3kF1nNIjN59dGUCV81tizuTHukWgn71n2cDRHOpfkVMoyXFIu446ukjosE-i0qkIA0gzM_PefqyXxBa-OXtIubzzDsuNQjyV8LsXzDjtCw1vmlHtU78rr6f2akGzULhFHIFxV_OZ30UKwdY1hRbNlznmx70-er3rb6lftVOEUUtbT5M465Lkf_zULFjuV9BjHabpGH4cM1jRljHksBRFSPoT9BVLRKl_siJXbZ1mt5vS7nqT9nImB0paUGWbZ1_jxtBIoUj0icfl-m0QWMnI2MS7Ij8xPEdY68b_9jLkvF3dT4Q9vDemnwiUP8XVRHhU5DrHlx-cof5LIGWUWBF2JSaJc-CutC_J17bLg842H1L7mavWpZv7csJMs1H7pXVjKJgYpniWnKtEUYFhsKdHP7cLfQBolrrKh5Jth_kx2G2f_VO9QT2bSqQ9nUShVwA5Dk2lWu_xGo_62fNGUBrhJf46w1Ck8fY0H-VZaJew52p9Q1Shkz355HcOGoOXM-DWAbnOHPwiV2ZzT1o9VSBKaPjSsu_uAADOZmNbPN7S236dS4Fui9QyLfl5kK4o4FZwU2hIZpZiI38Vzgr5os-9hDG05fWNSpG5A7bSpfYBUgJ5yBtQwipAu7Z5twIQ_0_3QbRKl3OW878SrUU7jatGi8TDEZEE6Q50lWKjVIrNsQyreRucZPIJKf2up_gn5vXESThlTPMBp0otCZLVRJuIS8vW7fpezEoEsjeCVVZCIe2sUHlPBTEx4CpSYzKvLWDWfyIxHuApJe5qlictBp6vLJZSpDyV3HEP9RkcBotV0KCJsk62lhR6fMdEUZ-G77uNgsad2_uzitVHu8YKufqib0E4v-OaHEAxgeQkJ_7JPEB5neEDkKTK8ZtF5yLXSWlo4fT6L7gm797nn_bREIOlOHurMrq9YOWXmj3TRXlD2YcmqpzolHoePHf-6FCVGPmCNf5KEub5j_qkP1_jb2HKOAlVgt1ESCxvp0Z3VdKy5msiVN6tSWmglkaHjykGqVHNSdi6zKuKQJA5kki89V5oeuwItDZJ7Bgqe1I019Rs2rBvUk4OhwlPhGTpfFdGKwT0lJQWxB-DuUCv-eqAHbtF183jLW_VnEWvV9s3pedOmPoPlYLHEU9qT0whPww4Cah5jdt9SWI42NZtYHRo5FKQ-v9V4DCcI07YwhDAz-nRtNqd85kP5WGw2SZZMhuyKP41siQtEi5byM1lZffeUnZ1SzARz1RnxXyPxWyPVv8QPPOSV8gak9v50k6ZhIc2eTVwLfy_xQv79oO4xBBPwj-Y71pn6ortesMJOoEz_bPHdJJy_pyOXxpybgdh_dCdbcivbwqCOfAFHRKzi4JMEV9WedNlUdCZkBZzr_ci5OhSdZmonvHGeKcvVVNk73JtgUGWpDnQQGmfhlHAIocPWKykoyQqGa-MqGp7dgcS6Z94FN-1SG6lJ_g5A9twN3Md1-VYPkOj_7_40FCsZ2MkAtFSjZCFu6xmLRK7hUPai1iNcwFndJsY9UiplbRQBBP2Qg53XoJ5unBfkPLA98_UaGqKmFsC6QYYRP_Wzg-1NC7xkeSVeMAoyeHf8fEwReV7avWk3qwd9zQWLdEFm8h0SFAAEu74Y6Mg8wfg6j3nkmzLf9x5EJemH7e6DTjk_Kv9heDfmNaszxzXqVRytidiL36frUXZ_TGugc-J12fOWIa6OvWNwKQd9H4KNSnYAS9cSw_6-fG09DywlRUlkCWNtnoXJQCUKQNFLk5HRB0yjOePpvGMDOFsPDKRgb9kUF4dvPUT_--fFi3dKDytN4a6FSMahg_VuEyqVmbpozZ8EIfISzXaxtFjoXZFqQ_kTlnyEfRdL4j37nH65ZKhdr-lNcYww3QPxyPaBj26QhHgtjaU3_CLGB5LaABJNuAFlSE8m6h6soyHeOVMevvJM3V1A3XniOmPz7p59mpIY8qGc08e1rYwgA8xiudCT9Vh6jq_eEpQflEnUkgY6RFQ0B8SOYEXpvAiW501JZTWWn82e0paOu-9W9aJBOA&cid=CAASEuRoXgktIo5jNvFT5ygs48Jyvw&rfl=1%2Chttps%253A%252F%252Fwww.posthaus.com.br%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:25:03 GMT content-encoding gzip x-content-type-options nosniff age 182 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8628 x-xss-protection 0 server cafe etag 13108869059872076478 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Jun 2021 01:25:03 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 6AC0	41 KB 15 KB	11ms 8ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 20:20:08 GMT content-encoding gzip x-content-type-options nosniff age 18477 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 17 May 2022 20:20:08 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 05C5	1 KB 749 B	8ms 7ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 17 May 2021 06:38:34 GMT expires Tue, 18 May 2021 06:38:34 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 67771 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 6AC0	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 69c51a452e41b4ee00fb21b96329d11a88a9ce252fd8c8669546e4a79b4fb419 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	index.html Show response s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/ Frame 0AFA	7 KB 3 KB	20ms 6ms	Document text/html	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 260c4fa0bb32dd09b2436f751905cdd647ede2f6eecadc2d9aa34138f6a05906 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 2693 date Mon, 17 May 2021 15:02:07 GMT expires Tue, 18 May 2021 15:02:07 GMT last-modified Wed, 16 Sep 2020 10:35:44 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 37558 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 6AC0	0 575 B	505ms 94ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDTWlPGVT240GjO6ksgm6S3hna-FbZPfjU7xUzyIyr-2d-XDHvj8IuwrT0aTtIPIB6ba76QOlgYR95KtomRBVSPx0XP_m3kHMbjhZM7GvvbO3zYU5u59spEvYyg1f5DHrJmzao9BLX0syoqLt22xXZijoOpKRirNogNj1_8HQLLW62__o6OSdDRwl-lqHR3McGA8yor-u8GngFLNIYJmpJ789hDrlgx6x-JSkILRYeABuKuovsPJuzpVupwpYGkgc4KYAOC29hwWfJaPnU9hznQAFjx8K0-Gi-bSJnsWO8ua7k9-dMpTQZFzB-dXI9vuYhKcFPOjQdLOfGrRIiAHtml9O_L3u6btXcdkOVq96IxGuigJvTr0CRfY-T4k9WmvgKu_r4HJCDmi8ZX_SWVKy8ZO5GlfY6Zp_CBRmAsUqozQ5GU0WqGudBzV3_JbawnQ4Jd28SXWj7ETaF5RIWFk2eXdunKVlwOkmGy4pIpBHqcKeg0Uc3pUvwjt9xWXaqc259aqTtRHR0e6Mn-MZaWqO41MuyVKO17-FtjKa4idhNFazOoo_sYH6Q-DQRyWwYE4MFmB_ZBXbxhiGws9LjI5xSPxcAnhCxyuZEceoXAfEWKMLBaUBi6FO9tbdSn8tuXwKhluKudqH0Le2HYEvUKnS6Zy2PXYMLySIyxr_ncjtoqrGvAJimduScvRA9aEvPJ0FpML8bEI0qUY4L3lStcfyMyhBp2JyoewQ_6ggbgv4RNprR-qpyF3WJXJDsw_EFoEo92Mya2GYiwzRoahrwG1dttkgj-W0A6LDlzQ7PGRfKzWholKdB8KLGnK6PknV7PWw1CyUNwQCUAsB02MNbMCo7RX2Dpf7oO6Ym1DLaxk4NWhL40JbAeYG-NOhGWiu5l3rphYLQqbywwSzB41nMf-wUjOQXgJNar_3Dx0wpkdV53_lAKD0JfQQS5FaMlCrmMNvYBR_3bpDkUlipe8XnxkcbpBMNzQbHfjUkSn8QK4BG-9Xph1dk7TBidQcbjwK1USUZPpxNHZKSBeiDOt90G4m5JaAU2lwPgQe4v1BvZseme0sRCYECshwUy2Zm12XRB2qesFIcRISmRvPHNpprU6cJKsD5ZDq6cAJ2VcqAm_0-Y1GxtxkstFo4ohftzaXlqeex_uOmg9wLs_Ek&sai=AMfl-YRrensXx_iy8QfnIOqnh08sSELnQ-iG17qlc1IFqNvJIAFJ3cCIVuxmfbFZu-rPQAcTfv1Zy6XAAY1RxQ8BguckQYPd5FnwZbniF8wMp0fYaOswkgJZd6Pwho5Od7fuChYVe8vUzGxaxvT8VMg9nLGFB7-gCw&sig=Cg0ArKJSzIyWaIS5RLomEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&cbvp=1&cstd=267&cisv=r20210511.28779&adurl= Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Tue, 18 May 2021 01:28:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	index.html Show response s0.2mdn.net/10212278/1600249562793/ Frame 4233	6 KB 2 KB	24ms 24ms	Document text/html	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/10212278/1600249562793/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 35b84dc7de376082271b855b2228410f980624204e02cb74aec0fc1d324657b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /10212278/1600249562793/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 2308 date Mon, 17 May 2021 07:15:04 GMT expires Tue, 18 May 2021 07:15:04 GMT last-modified Wed, 16 Sep 2020 09:46:02 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 65581 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 4ADB	0 61 B	523ms 131ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4K16rkg2OegN4YKWSF1zIxx1DHC-cvuLSb0Tb3vFUDavk4pXE89aqYBb59NxGTNYhC1jbpB4lF4k1yuT6hE-EuTK3caB3zBLFvZrS7iNPFG-Q4V25f_9eSqwjEsunP-p026jzz025oEN-seHbs3w9cSPeo-2gD-i2N7sw3nQopzCeeFGb-ioWTAEWp_L2Cu2U7WiM213VOcSIgZCzWAqe8p91183FGT-Az5MS80KXPcLjnMlZG7LrbSunorelVrBCwysHXPQ12EWbskKjHG654ckmV9BwyTlaH-8UYrlKhP_gTQYUegc0cEbzYNvYAlLT9xYiHjUV8F-tALjB1jd4bGGb7M9yRlz4V_xzjL2Dm_Lb2Xec8PENXVVhGyBoYlTCEq07S2L-MIXUNSXznEeMCqYBG1jaemjo0ulpsiNxzPzd4YgEl2GJfkzvdTMvsfYoXE7KWCqzBEV9phpX5x7T288JC0d5_rF4W6Vn4bOdSLQNd7eNocCduogxvEKhB67j9SMKkGp4sFN5NCYHp_fPmacYJgp5Lttku7ibDqGR-kzD3vPFS5G7CARtL0Wu655Y2h3zLfgEJTLIp9mLc-eMSoHMgIPwyFpJZuA7wvm9Almth2YLkXBVSWbxZhiVS6-eyTNl6tnGmD-rRp-TQNcwBEhwFnFbPWjKH0SiH4yui3psKTeGhomgGOSicJaaOk8WC6S89vBEFdG4rFLtRl2WKdZddLpPIXW88uIHtzl9B1iz9zQo12htQ-ATMYdFhp8Px02vvAXy7OjVxxo_h1CA-dhaRt4RAoYgu5waN6dQiKnlHvqvW3pHKjC4KTop5ObcW7PDE4th5RUDWf_noq_GkQWX7CDVfZ9wJ0GSFovkhwBDIyQ3n44fS4VubpEC56qNpwrF-MCI9eNYBG9zdcfdyVQvcx_yTFRhKsd2AW-LO28Xihrd4T5NCJe8PHkdrCphM2hLyKCu4EMOdQZ095OpMytUnfS94PEBDCpOmIDQUjyhRYX9rEEBHOA_OkK6y-7OpfGvn37z87OL2jbINr_9wNTbk3UGpRONyY2xe7djrISzmfLwo_W7VFTB8Kny9sVsPau85wwfYixvb1_U1xxD-VMQbXgmpgeSYzuYsddyHFcLGFrUqiY_sMS32jOsGdBsashLzAxQrqT6&sai=AMfl-YQSalKZroLrAGG52Uhsj4DVbyk8l4kIX9KcGiLjlWxdsTY_RD-lFFqznIZiqaIeCeCHE97X6QM1X8VLkZFDPAmzB6sSg55qRXH3YBQZUohtE07tSsvM2EkqUoGkuNE4vtMNHMYwGVLyxvLWCK8OFVfpt2K6SA&sig=Cg0ArKJSzKMhDEAl7RmSEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=237&cbvp=1&cstd=235&cisv=r20210511.49023&adurl= Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Tue, 18 May 2021 01:28:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	sync partners.tremorhub.com/ Frame 73D3 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm https://partners.tremorhub.com/sync?UIGL=CAESELS3xn97Kx6vIwEyaLEkMYo&google_cver=1	43 B 183 B	358ms 93ms	Image image/gif	2600:1f18:612b:4264:262e:5ecd:5178:9f8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIGL=CAESELS3xn97Kx6vIwEyaLEkMYo&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYyuyblwEwAQ&v=APEucNUqJ_AEXLeInCfLaQ2LS5HYB0DN6us6DnYb-8s5y-dCnd9SiI10YeSpJsW14_pOefSWQR1lwsBynntHnmwGb3wPwYSvr4sKz6ApIjKK3sG4G0-DcFsB4gJFwtayT6YNAKPCn1vflhpGVRRfppFQzPY-VoFcfSAJyo2v51I6SO-kjtdmNtbKJA4ffl2wLqJEfSv-K5b3Sq2DUQptYjKchu-ObmGM3Q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4264:262e:5ecd:5178:9f8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:06 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://partners.tremorhub.com/sync?UIGL=CAESELS3xn97Kx6vIwEyaLEkMYo&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 283 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 73D3 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMxLydPsrZ6BjTh9h_KDlSo&google_cver=1 https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMxLydPsrZ6BjTh9h_KDlSo&google_cver=1&__user_check__=1&sync_id=4bc205f2-b778-11eb-b778-1189f5600206	43 B 548 B	109ms 52ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMxLydPsrZ6BjTh9h_KDlSo&google_cver=1&__user_check__=1&sync_id=4bc205f2-b778-11eb-b778-1189f5600206 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYyuyblwEwAQ&v=APEucNUqJ_AEXLeInCfLaQ2LS5HYB0DN6us6DnYb-8s5y-dCnd9SiI10YeSpJsW14_pOefSWQR1lwsBynntHnmwGb3wPwYSvr4sKz6ApIjKK3sG4G0-DcFsB4gJFwtayT6YNAKPCn1vflhpGVRRfppFQzPY-VoFcfSAJyo2v51I6SO-kjtdmNtbKJA4ffl2wLqJEfSv-K5b3Sq2DUQptYjKchu-ObmGM3Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 18 May 2021 01:28:06 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 22 Connection keep-alive Content-Length 43 Redirect headers Date Tue, 18 May 2021 01:28:05 GMT Server nginx Location /partner?adv_id=7025&uid=CAESEMxLydPsrZ6BjTh9h_KDlSo&google_cver=1&__user_check__=1&sync_id=4bc205f2-b778-11eb-b778-1189f5600206 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 99 Connection keep-alive Content-Length 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 73D3 Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i... https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGJiNDdmYTQtYjc3OC0xMWViLTljMWItMWZkNTIyZWUwNDA2	170 B 188 B	63ms 62ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGJiNDdmYTQtYjc3OC0xMWViLTljMWItMWZkNTIyZWUwNDA2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQifXSkAIYyuyblwEwAQ&v=APEucNUqJ_AEXLeInCfLaQ2LS5HYB0DN6us6DnYb-8s5y-dCnd9SiI10YeSpJsW14_pOefSWQR1lwsBynntHnmwGb3wPwYSvr4sKz6ApIjKK3sG4G0-DcFsB4gJFwtayT6YNAKPCn1vflhpGVRRfppFQzPY-VoFcfSAJyo2v51I6SO-kjtdmNtbKJA4ffl2wLqJEfSv-K5b3Sq2DUQptYjKchu-ObmGM3Q Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 18 May 2021 01:28:06 GMT Server nginx Location https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGJiNDdmYTQtYjc3OC0xMWViLTljMWItMWZkNTIyZWUwNDA2 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 81 Connection keep-alive Content-Length 0
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 4ADB	41 KB 15 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 20:20:08 GMT content-encoding gzip x-content-type-options nosniff age 18477 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 17 May 2022 20:20:08 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 7DEF	1 KB 749 B	8ms 7ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 17 May 2021 06:38:34 GMT expires Tue, 18 May 2021 06:38:34 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 67771 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 4ADB	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6e0f9591e0151f87a4da8637a9f7307b1da75c7e67cde8537278ad7e1cae29c7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 4B1F	22 KB 8 KB	11ms 7ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Mon, 17 May 2021 20:20:08 GMT expires Tue, 17 May 2022 20:20:08 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 18477 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	index.html Show response s0.2mdn.net/10212278/1606233710075/ Frame 18EA	12 KB 3 KB	11ms 7ms	Document text/html	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/10212278/1606233710075/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9763b773e94910f023aad5f47feee4f4a411eeefe6f93b797a01a59a8479350f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /10212278/1606233710075/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 3541 date Mon, 17 May 2021 16:03:22 GMT expires Tue, 18 May 2021 16:03:22 GMT last-modified Tue, 24 Nov 2020 16:01:50 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 33883 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 0688	0 61 B	442ms 130ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxphIOQQvcvhGTev3wlGAQDGoOA8iLCdVz9aTQkp08O9xie8GruzMTtuTIgbt8wJqw4d0oTUwVhSpkswHmQ4pnJBWXfqneMqY9oPX-HepuB6bmBNvUqdFB_apv7TWe2lv-QBu-D2jLfXe5MRkP7EZFV3ZXQ_QZ66B1J118SJ_04bSjdJahykHRPsMONkmLFC8WU3vObHIuGGUcQL1connHbm4mSC14tK3rIzRJ-nKEot8kDVYC1BR9ST5dT4LXnaRr4moikYnSz7zU5AtPV8fVS3QhbSBdJiIT7-e-RJsSLeJpfJn-gBPnp6tLbl0msLx2jP1w-ZWa7pZwYv8nQYct5AeEzL_YVW1CW4Fgw8tNOsulZIoWG07RxvLGW5UBIPnwaYo41ao3NUW7jy1RS4U8sCrfkFZk6Jsu5Ls3C-YymRPibDOV4tkxhcLuAX_XpkeJs1YaFzyeDaKZgbwZTXZuRayhzG46KEXjgGVBwHu1RrfvtsS2C2dG0uNXW9hcKnn-71Y-j-GyDSa8EE_s6sSbPYYHr2yuQ7-FnmRRtQ6QJ2khMS5dOgCg0XrlyurT4aTXVNCx8MfOaOhhcsmi48UW3TO6vJ5xNo60PC0LEjQ7NDAdoRmQxYG47mFN0j5r3zJS90WPNO09xNvNzXugVX3lKkNARqvOg2NpdCeEIitKF8Ymhobzi0TN8N491V8NUG5fJV7GaC1_hwoiaGYL2_FCcFV8R6noAGf2uw5pwjzBhPTIdJLpBMyVBg_NLq-vqe7Fc_cbxjRu9NxG79kO-cQw_M2Q_q8ojb9kSksCDlGu8pr0G5pa2hAiWpjRjE3LSsI0LjLB3B9rAYQzVzYfCHrS51K4bNRbxehZNLn6BEnvc3nGwfrOsiWdQiqKKmYQlA-li8V4ws794jF6AoCG_DDaAa9gf7IoJJCotZrPcqaUahd_kHuYgEr7zAQ74KgUMYYhlMPbiYCC-9fYloFZJ0duvaU2Fk_KI5mjIP1ubnSyza_VKCdJ8gTHScGDg8Zem6OA2Y79fiPA8xCHr8EAU4GP_46Fvsak02bjlqq0qYMbva6t-1jr6Z4HqMQ-S_PwrWccV-V4YvFy1ntaWd4tv8hBNCfLBarGBSuA-eecuNG6Tm4rl2Jtv8iCnLj3JoXlCpZ_GGPSwFPd7_Md&sai=AMfl-YS5_8GMbu3gx0Ame-xEsIYHF0HSeQ4TSZ3rxk1vNVwrpOCkWKmwIMISwILpgdYTuycMtlnCkxk0WDyCaMVtRdDDDeyDeXkFuLqJ1JXBIViHfpPyaTDmP4yoDkeHzkAl4dzy4VGZJ5MpXBkIyBZlLb_9FCaLRg&sig=Cg0ArKJSzOEPuArwSGh3EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=243&cbvp=1&cstd=240&cisv=r20210511.58296&adurl= Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Tue, 18 May 2021 01:28:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 0688	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 20:20:08 GMT content-encoding gzip x-content-type-options nosniff age 18477 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 17 May 2022 20:20:08 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 3AEE	1 KB 749 B	6ms 6ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 17 May 2021 06:38:34 GMT expires Tue, 18 May 2021 06:38:34 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 67771 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 0688	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 30f6125fff8f215f1e9dd391b2c672e3783cd595931232da5291c7f1657c2ee2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 4950	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Mon, 17 May 2021 20:20:08 GMT expires Tue, 17 May 2022 20:20:08 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 18477 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 05C5 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESELSVFSWX7gPC_uxC5tSfsMs&google_cver=1&google_push=AQvitULDAnqVDgQzgJOnleirT66ObLTmfTs-q0WHutxN9GbIRL81aBzJZLRzB9EXnU3vMdQhrY0DQWih_EnyuVaAGxr1AtsYCJhX https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA1OTQ4Mzc5NTkyMTU1NDIyNw== https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELSVFSWX7gPC_uxC5tSfsMs&google_cver=1	43 B 407 B	20ms 13ms	Image image/gif	2001:678:cb4:bbbb::11 TURN
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELSVFSWX7gPC_uxC5tSfsMs&google_cver=1 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-type image/gif content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELSVFSWX7gPC_uxC5tSfsMs&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 301 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 05C5	70 B 265 B	444ms 66ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN4dc3vAZ9i0Y_C-eomm11Q&google_cver=1&google_push=AQvitUIbs6ZmdSaTsfPq1ilhuoBJx9VwXPFGcm_xSdtr-CSJAwPceo7RcO49MU5SrLZTp60KS9TclUoDRM7K9hERmw-ylWTIiwSj Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:06 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET		pixel cm.g.doubleclick.net/ Frame 05C5 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHIyVMXjvRTWp_qzh373KqM&google_cver=1&google_push=AQvitUJBcWPWLxX5xVWRVquZPNr0pvUW7CY8n7GQlTWwxvOORG9WraenSe7KwSYG47ZNWmfifk-pV6RQAsakUY... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2MzQzNjA2NDc1OTQxMjg4Ng%3D%3D&google_push=AQvitUJBcWPWLxX5xVWRVquZPNr0pvUW7CY8n7GQlTWwxvOORG9WraenSe7KwSYG47ZNWmfifk-pV6RQAsakUYj1fU...	0 0
GET		match um.wbtrk.net/doubleclick/user/ Frame 05C5	0 0
GET H3-29	200	dot.gif s0.2mdn.net/ Frame 05C5	43 B 63 B	16ms 13ms	Image image/gif	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESEEkC8ZUl3_hv2v8U9aUHBGI&google_cver=1&google_push=AQvitUIwOCxnxn1bjFs7vV33WpjzeBPbRk3-fPmTLf_yIGEsxalXZVkyzFfkm7QGSFewKBtQa1uAofkB7QJxx4BKVV1zkpk_Pm-q Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 expires Wed, 19 May 2021 01:28:05 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 05C5 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDzT9bMJDWkYO4waBFK7geo&google_cver=1&google_push=AQvitUIaGtM9LYN8tz2vsJUKeFQhl76E8HzEq9u_22lFIZbXIF-cYq1mvtaFuionm5gepZdHJlJ... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09UQ1hEOEctMjUtSUtMNQ==&google_push=AQvitUIaGtM9LYN8tz2vsJUKeFQhl76E8HzEq9u_22lFIZbXIF-cYq1mvtaFuionm5gepZdHJlJpNigKPeN4WCBkmJWNNb8lRvOp	170 B 188 B	64ms 64ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09UQ1hEOEctMjUtSUtMNQ==&google_push=AQvitUIaGtM9LYN8tz2vsJUKeFQhl76E8HzEq9u_22lFIZbXIF-cYq1mvtaFuionm5gepZdHJlJpNigKPeN4WCBkmJWNNb8lRvOp Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09UQ1hEOEctMjUtSUtMNQ==&google_push=AQvitUIaGtM9LYN8tz2vsJUKeFQhl76E8HzEq9u_22lFIZbXIF-cYq1mvtaFuionm5gepZdHJlJpNigKPeN4WCBkmJWNNb8lRvOp Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Expires 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 05C5 Redirect Chain https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC6N7SSK-SgMXcZgI9rOT5s&google_cver=1&google_push=AQvitUJhs0g2Dw-p8OaICx5Q_SkFE7uunO6P3sx8KL4sXW-bRwCh4f-F8jZDoE7WGuxZjacTYHIfIEREtPA_YOP1... https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=b5c78cfb6369fb53469a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJhs0g2Dw-p8OaICx5Q_SkFE7uunO6P...	170 B 188 B	63ms 62ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=b5c78cfb6369fb53469a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJhs0g2Dw-p8OaICx5Q_SkFE7uunO6P3sx8KL4sXW-bRwCh4f-F8jZDoE7WGuxZjacTYHIfIEREtPA_YOP1uYj6afOjyvs Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 18 May 2021 01:28:07 GMT via 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-C2 x-cache Miss from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=b5c78cfb6369fb53469a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJhs0g2Dw-p8OaICx5Q_SkFE7uunO6P3sx8KL4sXW-bRwCh4f-F8jZDoE7WGuxZjacTYHIfIEREtPA_YOP1uYj6afOjyvs cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id yHDvYTGseBUnLgzfqRk1auhlWaTut4ZTPwqaXmxImpyPPFPqOO6a9A==
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 05C5	0 12 B	65ms 61ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbhYoU8Zz7ZxcY27BTYRL_RO1Y26iwtLVs23iTCjnQBAhCdyO01qQ5rSYrKepxFamaFDh9 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	createjs-2015.11.26.min.js Show response code.createjs.com/ Frame 0AFA	186 KB 48 KB	46ms 20ms	Script text/javascript	2a02:26f0:120::211:793a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://code.createjs.com/createjs-2015.11.26.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:120::211:793a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT content-encoding gzip server Apache cache-control max-age=900 vary Accept-Encoding content-type text/javascript x-n S accept-ranges bytes expires Tue, 18 May 2021 01:43:05 GMT
GET H3-29	200	300x250.js Show response s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/ Frame 0AFA	108 KB 22 KB	10ms 6ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/300x250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 23dab72f8b494908d8aed12f0462c7621b658033b29051a15857faeceb65ed63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 16:43:25 GMT content-encoding gzip x-content-type-options nosniff age 31480 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22934 x-xss-protection 0 last-modified Wed, 16 Sep 2020 10:35:44 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Tue, 18 May 2021 16:43:25 GMT
GET H2	200	createjs-2015.11.26.min.js Show response code.createjs.com/ Frame 4233	186 KB 48 KB	42ms 17ms	Script text/javascript	2a02:26f0:120::211:793a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://code.createjs.com/createjs-2015.11.26.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/10212278/1600249562793/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:120::211:793a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT content-encoding gzip server Apache cache-control max-age=900 vary Accept-Encoding content-type text/javascript x-n S accept-ranges bytes expires Tue, 18 May 2021 01:43:05 GMT
GET H3-29	200	300x250.js Show response s0.2mdn.net/10212278/1600249562793/ Frame 4233	43 KB 8 KB	11ms 8ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/10212278/1600249562793/300x250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/10212278/1600249562793/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4ccb4f50c44afb2f03ea8e036c362286c220a02c4a6eda0dcda6c03a897b902e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 15:16:24 GMT content-encoding gzip x-content-type-options nosniff age 36701 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8256 x-xss-protection 0 last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Tue, 18 May 2021 15:16:24 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame A61F	22 KB 8 KB	7ms 7ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Mon, 17 May 2021 20:20:08 GMT expires Tue, 17 May 2022 20:20:08 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 18477 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	createjs-2015.11.26.min.js Show response code.createjs.com/ Frame 18EA	186 KB 48 KB	24ms 24ms	Script text/javascript	2a02:26f0:120::211:793a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://code.createjs.com/createjs-2015.11.26.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/10212278/1606233710075/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:120::211:793a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT content-encoding gzip server Apache cache-control max-age=900 vary Accept-Encoding content-type text/javascript x-n S accept-ranges bytes expires Tue, 18 May 2021 01:43:05 GMT
GET H3-29	200	300x250.js Show response s0.2mdn.net/10212278/1606233710075/ Frame 18EA	27 KB 5 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/10212278/1606233710075/300x250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/10212278/1606233710075/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8d7e89fa86200c4f0d21bba9c53a541b4b2899a877ffcd99b23910d0c1594578 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 16:03:22 GMT content-encoding gzip x-content-type-options nosniff age 33883 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5448 x-xss-protection 0 last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Tue, 18 May 2021 16:03:22 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7DEF Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEObCvxB3fW9-wdsQtmUUtgs&google_cver=1&google_push=AQvitUIXOXd5XvGBMtg49BNgSsm2HFFfJ7jESL1gAy5BSNNCjvBiRqOmn63Suml-1EFBdAGqC9OiqNG9zVHF7JIi... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIXOXd5XvGBMtg49BNgSsm2HFFfJ7jESL1gAy5BSNNCjvBiRqOmn63Suml-1EFBdAGqC9OiqNG9zVHF7JIimKjXhlNDpbrHHg	170 B 188 B	63ms 62ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIXOXd5XvGBMtg49BNgSsm2HFFfJ7jESL1gAy5BSNNCjvBiRqOmn63Suml-1EFBdAGqC9OiqNG9zVHF7JIimKjXhlNDpbrHHg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 18 May 2021 01:28:12 GMT Server MT3 3736 915c305 master zrh-pixel-x26 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIXOXd5XvGBMtg49BNgSsm2HFFfJ7jESL1gAy5BSNNCjvBiRqOmn63Suml-1EFBdAGqC9OiqNG9zVHF7JIimKjXhlNDpbrHHg Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 18 May 2021 01:28:11 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7DEF Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEMWtzk61sKX78gfrHRXsFfc&google_cver=1&google_push=AQvitUIQjJAPAmJwU7_Zomctl8emrTZfVwrNzhBBp1B8PoAoBIww_ufqcPmEms4BGy_20b0M1mTi_yJhlfrsLN00... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=l4qjLMLsTLezqPmdON5IIw2&google_push=AQvitUIQjJAPAmJwU7_Zomctl8emrTZfVwrNzhBBp1B8PoAoBIww_ufqcPmEms4BGy_20b0M1mTi_yJhlfrsLN00_mQIkhsk5ecvxQ https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=l4qjLMLsTLezqPmdON5IIw2&google_push=AQvitUIQjJAPAmJwU7_Zomctl8emrTZfVwrNzhBBp1B8PoAoBIww_ufqcPmEms4BGy_20b0M1mTi_yJhlfrsLN00_mQIkhsk5ecvxQ...	170 B 188 B	65ms 65ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=l4qjLMLsTLezqPmdON5IIw2&google_push=AQvitUIQjJAPAmJwU7_Zomctl8emrTZfVwrNzhBBp1B8PoAoBIww_ufqcPmEms4BGy_20b0M1mTi_yJhlfrsLN00_mQIkhsk5ecvxQ&google_tc= Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:13 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:13 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=l4qjLMLsTLezqPmdON5IIw2&google_push=AQvitUIQjJAPAmJwU7_Zomctl8emrTZfVwrNzhBBp1B8PoAoBIww_ufqcPmEms4BGy_20b0M1mTi_yJhlfrsLN00_mQIkhsk5ecvxQ&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 417 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		match um.wbtrk.net/doubleclick/user/ Frame 7DEF	0 0
GET		google;c d5p.de17a.com/cookies/ Frame 7DEF Redirect Chain https://d5p.de17a.com/cookies/google?google_gid=CAESENrTLbtpsXNjfqUnRGDzPlw&google_cver=1&google_push=AQvitUKZhNv9Xxeh_w84lMF-efIVT7QDp_NVcZk_wu3H9oKY8cNQ3Vy5SomRnxzq6hRdU5lBDziZP23iyTmYEKqS51VhDcA... https://d5p.de17a.com/cookies/google;c?google_gid=CAESENrTLbtpsXNjfqUnRGDzPlw&google_cver=1&google_push=AQvitUKZhNv9Xxeh_w84lMF-efIVT7QDp_NVcZk_wu3H9oKY8cNQ3Vy5SomRnxzq6hRdU5lBDziZP23iyTmYEKqS51VhD...	0 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7DEF Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESECDcfkIiHFNz1bSPmzBl--o&google_cver=1&google_push=AQvitUJRilMUmSEw-keP4zYYdJMu0xdI5Xa3GFu_FKG9qZlJUWbWUOmcjZFfrS9PXgFRHwtTtojMsqHo4kCeRSnN67oRV-7WuKk4lg https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJRilMUmSEw-keP4zYYdJMu0xdI5Xa3GFu_FKG9qZlJUWbWUOmcjZFfrS9PXgFRHwtTtojMsqHo4kCeRSnN67oRV-7WuKk4lg&google_hm=LNdPbJI2zVIzPAEXwmVwWA==	170 B 188 B	64ms 63ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJRilMUmSEw-keP4zYYdJMu0xdI5Xa3GFu_FKG9qZlJUWbWUOmcjZFfrS9PXgFRHwtTtojMsqHo4kCeRSnN67oRV-7WuKk4lg&google_hm=LNdPbJI2zVIzPAEXwmVwWA== Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:07 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJRilMUmSEw-keP4zYYdJMu0xdI5Xa3GFu_FKG9qZlJUWbWUOmcjZFfrS9PXgFRHwtTtojMsqHo4kCeRSnN67oRV-7WuKk4lg&google_hm=LNdPbJI2zVIzPAEXwmVwWA== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id l4f49b16qrqmlg0tbjchva2r8lkl5bm1
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7DEF Redirect Chain https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC6N7SSK-SgMXcZgI9rOT5s&google_cver=1&google_push=AQvitUJZMZeXYdfqHrzaN64wlUFKkcvNsGpcREf7nbpAp-0mqX9v9krR945Jn_BaCHJgY8pL8YObpOXPFmO_1ZuM... https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=94de4fb1733bf547cbeb&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJZMZeXYdfqHrzaN64wlUFKkcvNsGpc...	170 B 188 B	64ms 63ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=94de4fb1733bf547cbeb&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJZMZeXYdfqHrzaN64wlUFKkcvNsGpcREf7nbpAp-0mqX9v9krR945Jn_BaCHJgY8pL8YObpOXPFmO_1ZuM54o5ktzkzKk2Tw Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 18 May 2021 01:28:07 GMT via 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-C2 x-cache Miss from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=94de4fb1733bf547cbeb&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJZMZeXYdfqHrzaN64wlUFKkcvNsGpcREf7nbpAp-0mqX9v9krR945Jn_BaCHJgY8pL8YObpOXPFmO_1ZuM54o5ktzkzKk2Tw cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id gqMrFeoaH7EIoITdixHj2hMRtXWvQ_Tn1JGG0-YmwzEtVUaNnc3nkA==
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7DEF Redirect Chain https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBFPWQWp1wfzxF_7q9XgrY0&google_cver=1&google_push=AQvitUKFhDrevQhlYPKDw9etsGfOndQ_PPQSwsu7ljaqgy9UIUvNueCWYEw7OhAjAaClHfVd8mhKyE... https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUKFhDrevQhlYPKDw9etsGfOndQ_PPQSwsu7ljaqgy9UIUvNueCWYEw7OhAjAaClHfVd8mhKyEYT40dOtYFocQ8J5p1zRIg5hw&google_hm=Mjg2NDkz...	170 B 188 B	64ms 64ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUKFhDrevQhlYPKDw9etsGfOndQ_PPQSwsu7ljaqgy9UIUvNueCWYEw7OhAjAaClHfVd8mhKyEYT40dOtYFocQ8J5p1zRIg5hw&google_hm=Mjg2NDkzMTY0OTc4MjM5NzEzNQ%3D%3D Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUKFhDrevQhlYPKDw9etsGfOndQ_PPQSwsu7ljaqgy9UIUvNueCWYEw7OhAjAaClHfVd8mhKyEYT40dOtYFocQ8J5p1zRIg5hw&google_hm=Mjg2NDkzMTY0OTc4MjM5NzEzNQ%3D%3D date Tue, 18 May 2021 01:28:06 GMT content-length 0
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 7DEF	0 12 B	63ms 62ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KRys4MS9in-k53z9Vil9aOz-eHzy6BZC0eWkmQyxRBlLoyR22z59srhkmihixNDeILuhJl Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	dpixel cms.quantserve.com/ Frame 3AEE	35 B 463 B	36ms 8ms	Image image/gif	2620:116:800d:21:36a9:ecb:e518:b308 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDx9mwYsYqgc-lnEdJSPqRY&google_cver=1&google_push=AQvitUKPBc2_O_ec-29H2p5z21IKv1loAoM46cfTyDBi7H9lOV1Wy1I-QzP7Mr2-c2942qDZStfjWLuAwwRlujtz4HgQ6ItIuQh3dg Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:05 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET		pixel cm.g.doubleclick.net/ Frame 3AEE Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHznaBi6qO2EN4bA2NjwjXw&google_push=AQvitUI-u4yxSmM4b8n1VQhzp256cNBgdCKRTz_Of99pl1EYu6Osg4Jpzw...	0 0
GET H3-29	200	dot.gif s0.2mdn.net/ Frame 3AEE	43 B 63 B	22ms 16ms	Image image/gif	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESEEkC8ZUl3_hv2v8U9aUHBGI&google_cver=1&google_push=AQvitUK1OiWgoYZwHxrKgvkme-w7gtTe4kMD4oUSEf7M57b83SBbCWKLJqO1h0zmXYoA2VQkGdk5ukyZb3e97xAG8Ip8qu89dR2W Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 expires Wed, 19 May 2021 01:28:05 GMT
GET		/ c1.adform.net/serving/cookie/match/ Frame 3AEE Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGGOWx0upV0eKFx5tIzfLLg&google_cver=1&google_push=AQvitUIg1lUwHA-De5RFfaj3KQqy1iksQ2D76opEd3NdQL_nnkCn7aov54c8iJcxZWLLe6fTpBoUk7gL... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGGOWx0upV0eKFx5tIzfLLg&google_cver=1&google_push=AQvitUIg1lUwHA-De5RFfaj3KQqy1iksQ2D76opEd3NdQL_nnkCn7aov54c8iJcxZWLLe6fTpBo...	0 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 3AEE Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESECDcfkIiHFNz1bSPmzBl--o&google_cver=1&google_push=AQvitUKJmDbcaXyA8Lk0zPHVHcMYEFlmGIEiH0E-74uBiEy5V0R75Jquc3ry6hFaj6xHXD2yxpWGAYQHfQR1GqT51eyXPDgLq7dmRA https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKJmDbcaXyA8Lk0zPHVHcMYEFlmGIEiH0E-74uBiEy5V0R75Jquc3ry6hFaj6xHXD2yxpWGAYQHfQR1GqT51eyXPDgLq7dmRA&google_hm=LNdPbJI2zVIzPAEXwmVwWA==	170 B 188 B	62ms 62ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKJmDbcaXyA8Lk0zPHVHcMYEFlmGIEiH0E-74uBiEy5V0R75Jquc3ry6hFaj6xHXD2yxpWGAYQHfQR1GqT51eyXPDgLq7dmRA&google_hm=LNdPbJI2zVIzPAEXwmVwWA== Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:08 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKJmDbcaXyA8Lk0zPHVHcMYEFlmGIEiH0E-74uBiEy5V0R75Jquc3ry6hFaj6xHXD2yxpWGAYQHfQR1GqT51eyXPDgLq7dmRA&google_hm=LNdPbJI2zVIzPAEXwmVwWA== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id bms5k61rfaiv9363rsq0lpvkknc310kf
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 3AEE Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJQplZhv1vS7bkDy0dcWrK8&google_cver=1&google_push=AQvitULe5QcxN-yzEXUiZtJsB0O2R_xyi0wJikCYRDZZyRtF-wmvTbv9OZJYfLSMtyrrMpBNAzSwMdqApAdlJDI_c... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJQplZhv1vS7bkDy0dcWrK8&google_cver=1&google_push=AQvitULe5QcxN-yzEXUiZtJsB0O2R_xyi0wJikCYRDZZyRtF-wmvTbv9OZJYfLSMtyrrMpBNAzSwMdqApAdlJDI_c... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULe5QcxN-yzEXUiZtJsB0O2R_xyi0wJikCYRDZZyRtF-wmvTbv9OZJYfLSMtyrrMpBNAzSwMdqApAdlJDI_cfI39Lr4G2Xb&google_hm=4034cf027474dffd654eaf8d https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULe5QcxN-yzEXUiZtJsB0O2R_xyi0wJikCYRDZZyRtF-wmvTbv9OZJYfLSMtyrrMpBNAzSwMdqApAdlJDI_cfI39Lr4G2Xb&google_hm=4034cf027474dffd654eaf...	170 B 188 B	65ms 64ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULe5QcxN-yzEXUiZtJsB0O2R_xyi0wJikCYRDZZyRtF-wmvTbv9OZJYfLSMtyrrMpBNAzSwMdqApAdlJDI_cfI39Lr4G2Xb&google_hm=4034cf027474dffd654eaf8d&google_tc= Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:13 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 18 May 2021 01:28:13 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULe5QcxN-yzEXUiZtJsB0O2R_xyi0wJikCYRDZZyRtF-wmvTbv9OZJYfLSMtyrrMpBNAzSwMdqApAdlJDI_cfI39Lr4G2Xb&google_hm=4034cf027474dffd654eaf8d&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 419 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 3AEE Redirect Chain https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEf1k9J2tMcHTpZL5Mwf4Eo&google_cver=1&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X97d... https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEf1k9J2tMcHTpZL5Mwf4Eo&google_cver=1&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X97d... https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEf1k9J2tMcHTpZL5Mwf4Eo&google_cver=1&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X9... https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEf1k9J2tMcHTpZL5Mwf4Eo&google_cver=1&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X9... https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0YzYzYTg0OC1iNzc4LTExZWItYmU2OC0wMjk3ZjE4ZDdhOWE%3D&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X97dv8PitFw3L4...	170 B 188 B	64ms 63ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0YzYzYTg0OC1iNzc4LTExZWItYmU2OC0wMjk3ZjE4ZDdhOWE%3D&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X97dv8PitFw3L4lfScvb71B4SBzX1cZSABwgAux1Vb3JJnxLPbM Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 18 May 2021 01:28:08 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0YzYzYTg0OC1iNzc4LTExZWItYmU2OC0wMjk3ZjE4ZDdhOWE%3D&google_push=AQvitULwr3Ycf4F6l4sZNtEizIKYgZpii4Y5Lc4tqIsFb3fcJiC6X97dv8PitFw3L4lfScvb71B4SBzX1cZSABwgAux1Vb3JJnxLPbM Connection keep-alive Content-Length 0
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 3AEE	0 12 B	65ms 61ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5nBMM5ig6_mnbHoMNVs0ycSpk0S4woCA-KkZ_5sgEbyk1VGACYxCcA76QlKv_O9xsYkRIRA Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:05 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response pagead2.googlesyndication.com/bg/ Frame 4B1F	14 KB 6 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 14:53:17 GMT content-encoding br x-content-type-options nosniff last-modified Thu, 06 May 2021 09:28:00 GMT server sffe age 38088 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5636 x-xss-protection 0 expires Tue, 17 May 2022 14:53:17 GMT
GET H3-29	200	bg.jpg s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	13 KB 13 KB	10ms 9ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/bg.jpg?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b4e9369c2b7d5756886118ea48e59d544e7302feeab1cc6edd7d107ad3373f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:27:35 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe age 50430 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13323 x-xss-protection 0 expires Tue, 18 May 2021 11:27:35 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 4ADB	0 60 B	283ms 121ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4K16rkg2OegN4YKWSF1zIxx1DHC-cvuLSb0Tb3vFUDavk4pXE89aqYBb59NxGTNYhC1jbpB4lF4k1yuT6hE-EuTK3caB3zBLFvZrS7iNPFG-Q4V25f_9eSqwjEsunP-p026jzz025oEN-seHbs3w9cSPeo-2gD-i2N7sw3nQopzCeeFGb-ioWTAEWp_L2Cu2U7WiM213VOcSIgZCzWAqe8p91183FGT-Az5MS80KXPcLjnMlZG7LrbSunorelVrBCwysHXPQ12EWbskKjHG654ckmV9BwyTlaH-8UYrlKhP_gTQYUegc0cEbzYNvYAlLT9xYiHjUV8F-tALjB1jd4bGGb7M9yRlz4V_xzjL2Dm_Lb2Xec8PENXVVhGyBoYlTCEq07S2L-MIXUNSXznEeMCqYBG1jaemjo0ulpsiNxzPzd4YgEl2GJfkzvdTMvsfYoXE7KWCqzBEV9phpX5x7T288JC0d5_rF4W6Vn4bOdSLQNd7eNocCduogxvEKhB67j9SMKkGp4sFN5NCYHp_fPmacYJgp5Lttku7ibDqGR-kzD3vPFS5G7CARtL0Wu655Y2h3zLfgEJTLIp9mLc-eMSoHMgIPwyFpJZuA7wvm9Almth2YLkXBVSWbxZhiVS6-eyTNl6tnGmD-rRp-TQNcwBEhwFnFbPWjKH0SiH4yui3psKTeGhomgGOSicJaaOk8WC6S89vBEFdG4rFLtRl2WKdZddLpPIXW88uIHtzl9B1iz9zQo12htQ-ATMYdFhp8Px02vvAXy7OjVxxo_h1CA-dhaRt4RAoYgu5waN6dQiKnlHvqvW3pHKjC4KTop5ObcW7PDE4th5RUDWf_noq_GkQWX7CDVfZ9wJ0GSFovkhwBDIyQ3n44fS4VubpEC56qNpwrF-MCI9eNYBG9zdcfdyVQvcx_yTFRhKsd2AW-LO28Xihrd4T5NCJe8PHkdrCphM2hLyKCu4EMOdQZ095OpMytUnfS94PEBDCpOmIDQUjyhRYX9rEEBHOA_OkK6y-7OpfGvn37z87OL2jbINr_9wNTbk3UGpRONyY2xe7djrISzmfLwo_W7VFTB8Kny9sVsPau85wwfYixvb1_U1xxD-VMQbXgmpgeSYzuYsddyHFcLGFrUqiY_sMS32jOsGdBsashLzAxQrqT6&sai=AMfl-YQSalKZroLrAGG52Uhsj4DVbyk8l4kIX9KcGiLjlWxdsTY_RD-lFFqznIZiqaIeCeCHE97X6QM1X8VLkZFDPAmzB6sSg55qRXH3YBQZUohtE07tSsvM2EkqUoGkuNE4vtMNHMYwGVLyxvLWCK8OFVfpt2K6SA&sig=Cg0ArKJSzKMhDEAl7RmSEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=468&vt=11&dtpt=231&dett=3&cstd=235&cisv=r20210511.49023&adurl= Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 18 May 2021 01:28:06 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response pagead2.googlesyndication.com/bg/ Frame 4950	14 KB 6 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 14:53:17 GMT content-encoding br x-content-type-options nosniff last-modified Thu, 06 May 2021 09:28:00 GMT server sffe age 38088 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5636 x-xss-protection 0 expires Tue, 17 May 2022 14:53:17 GMT
GET H3-29	200	bg2.jpg s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/ Frame 0AFA	30 KB 30 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/bg2.jpg Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 26ac3f6f49fa9327310ea37c924bd47b9efd7a599fc7bf74bb644c25daca6581 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:16:47 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 10:35:44 GMT server sffe age 54678 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31137 x-xss-protection 0 expires Tue, 18 May 2021 10:16:47 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 6AC0	0 60 B	270ms 121ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDTWlPGVT240GjO6ksgm6S3hna-FbZPfjU7xUzyIyr-2d-XDHvj8IuwrT0aTtIPIB6ba76QOlgYR95KtomRBVSPx0XP_m3kHMbjhZM7GvvbO3zYU5u59spEvYyg1f5DHrJmzao9BLX0syoqLt22xXZijoOpKRirNogNj1_8HQLLW62__o6OSdDRwl-lqHR3McGA8yor-u8GngFLNIYJmpJ789hDrlgx6x-JSkILRYeABuKuovsPJuzpVupwpYGkgc4KYAOC29hwWfJaPnU9hznQAFjx8K0-Gi-bSJnsWO8ua7k9-dMpTQZFzB-dXI9vuYhKcFPOjQdLOfGrRIiAHtml9O_L3u6btXcdkOVq96IxGuigJvTr0CRfY-T4k9WmvgKu_r4HJCDmi8ZX_SWVKy8ZO5GlfY6Zp_CBRmAsUqozQ5GU0WqGudBzV3_JbawnQ4Jd28SXWj7ETaF5RIWFk2eXdunKVlwOkmGy4pIpBHqcKeg0Uc3pUvwjt9xWXaqc259aqTtRHR0e6Mn-MZaWqO41MuyVKO17-FtjKa4idhNFazOoo_sYH6Q-DQRyWwYE4MFmB_ZBXbxhiGws9LjI5xSPxcAnhCxyuZEceoXAfEWKMLBaUBi6FO9tbdSn8tuXwKhluKudqH0Le2HYEvUKnS6Zy2PXYMLySIyxr_ncjtoqrGvAJimduScvRA9aEvPJ0FpML8bEI0qUY4L3lStcfyMyhBp2JyoewQ_6ggbgv4RNprR-qpyF3WJXJDsw_EFoEo92Mya2GYiwzRoahrwG1dttkgj-W0A6LDlzQ7PGRfKzWholKdB8KLGnK6PknV7PWw1CyUNwQCUAsB02MNbMCo7RX2Dpf7oO6Ym1DLaxk4NWhL40JbAeYG-NOhGWiu5l3rphYLQqbywwSzB41nMf-wUjOQXgJNar_3Dx0wpkdV53_lAKD0JfQQS5FaMlCrmMNvYBR_3bpDkUlipe8XnxkcbpBMNzQbHfjUkSn8QK4BG-9Xph1dk7TBidQcbjwK1USUZPpxNHZKSBeiDOt90G4m5JaAU2lwPgQe4v1BvZseme0sRCYECshwUy2Zm12XRB2qesFIcRISmRvPHNpprU6cJKsD5ZDq6cAJ2VcqAm_0-Y1GxtxkstFo4ohftzaXlqeex_uOmg9wLs_Ek&sai=AMfl-YRrensXx_iy8QfnIOqnh08sSELnQ-iG17qlc1IFqNvJIAFJ3cCIVuxmfbFZu-rPQAcTfv1Zy6XAAY1RxQ8BguckQYPd5FnwZbniF8wMp0fYaOswkgJZd6Pwho5Od7fuChYVe8vUzGxaxvT8VMg9nLGFB7-gCw&sig=Cg0ArKJSzIyWaIS5RLomEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=540&vt=11&dtpt=266&dett=3&cstd=267&cisv=r20210511.28779&adurl= Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 18 May 2021 01:28:06 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response pagead2.googlesyndication.com/bg/ Frame A61F	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 14:53:17 GMT content-encoding br x-content-type-options nosniff last-modified Thu, 06 May 2021 09:28:00 GMT server sffe age 38088 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5636 x-xss-protection 0 expires Tue, 17 May 2022 14:53:17 GMT
GET H2	206	HS_COMPETITIVE_PILLAR_300x250_ONE.mp4 blzadeu-a.akamaihd.net/banners/hs/ Frame 18EA	98 KB 0	337ms 199ms	Media video/mp4	2.17.121.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://blzadeu-a.akamaihd.net/banners/hs/HS_COMPETITIVE_PILLAR_300x250_ONE.mp4 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/10212278/1606233710075/index.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.17.121.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash Request headers Referer https://s0.2mdn.net/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Tue, 18 May 2021 01:28:06 GMT last-modified Wed, 14 Oct 2020 14:53:28 GMT server AkamaiNetStorage etag "22dda98c7c7ee075fdf20203514b6b6f:1602687208.132739" content-type video/mp4 Content-Range bytes 0-1084635/1084636 accept-ranges bytes Content-Length 1084636
GET H3-29	200	carte_1.png s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	4 KB 4 KB	7ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/carte_1.png?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 73c8c32fe8127f68c5723f42b84f15b4b5b5816ae90ef33e33fb4d10b6049074 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:27:36 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe age 50429 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4424 x-xss-protection 0 expires Tue, 18 May 2021 11:27:36 GMT
GET H3-29	200	BTN.png s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/ Frame 0AFA	2 KB 2 KB	6ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/BTN.png Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4cb2f23b4dd842f61c29d2b2a945b40de099e624ac079bb8be2ccdc05cb96554 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 16:43:25 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 10:35:44 GMT server sffe age 31480 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2043 x-xss-protection 0 expires Tue, 18 May 2021 16:43:25 GMT
GET H3-29	200	carte_2.png s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	5 KB 5 KB	7ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/carte_2.png?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a52a4952a670d5c6ffa3a8b834e3d1d572550b08b5a769ca710df7583d29e482 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 12:20:22 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe age 47264 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5098 x-xss-protection 0 expires Tue, 18 May 2021 12:20:22 GMT
GET H3-29	200	BTN_txt.png s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/ Frame 0AFA	5 KB 5 KB	8ms 8ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/BTN_txt.png Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7a2c297ff10d5f0f0be5781b6c8a6f0ad80a8b1f13766e5c53a710a77cc64775 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:16:47 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 10:35:45 GMT server sffe age 54679 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4775 x-xss-protection 0 expires Tue, 18 May 2021 10:16:47 GMT
GET H3-29	200	carte_bg_1.jpg s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	3 KB 3 KB	6ms 6ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/carte_bg_1.jpg?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a5b5aa6e811610e9854e6d93061e50360c40fd2935a42cb2bc267569a590dce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 09:01:06 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe age 59220 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2889 x-xss-protection 0 expires Tue, 18 May 2021 09:01:06 GMT
GET H3-29	200	card.png s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/ Frame 0AFA	10 KB 10 KB	6ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/card.png Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e23686b9b7141b46d74c4423b7ecc93551cf211e5aa816a1f39be7ac86377a2c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 23:03:29 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 10:35:44 GMT server sffe age 8677 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9789 x-xss-protection 0 expires Tue, 18 May 2021 23:03:29 GMT
GET H3-29	200	carte_bg_2.jpg s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	4 KB 4 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/carte_bg_2.jpg?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 72c587d23ba746a00db19b283f7310b4e8609a3ed1333f888e1b16d477224098 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:27:36 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:04 GMT server sffe age 50430 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3860 x-xss-protection 0 expires Tue, 18 May 2021 11:27:36 GMT
GET H3-29	200	footer.png s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/ Frame 0AFA	2 KB 2 KB	8ms 7ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/footer.png Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae058fc90cb1e6c5d92156d35d04a3b113efde3e8d7d851287968c33271d123b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:16:47 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 10:35:44 GMT server sffe age 54679 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1912 x-xss-protection 0 expires Tue, 18 May 2021 10:16:47 GMT
GET H3-29	200	CTA_bg.png s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	3 KB 3 KB	6ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/CTA_bg.png?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ffe3df0544ea449e7da5703549dfdee829c3c349bb46fd755da1957f32989033 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 15:16:24 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe age 36702 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3170 x-xss-protection 0 expires Tue, 18 May 2021 15:16:24 GMT
GET H3-29	200	jaina.png s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/ Frame 0AFA	71 KB 71 KB	7ms 7ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/jaina.png Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 726b6fb7bf153e44b15f824dc8d3d985d01338bda244290d1de159d363e75296 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:16:47 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 10:35:44 GMT server sffe age 54679 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 73068 x-xss-protection 0 expires Tue, 18 May 2021 10:16:47 GMT
GET H3-29	200	CTA_txt.png s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	2 KB 2 KB	6ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/CTA_txt.png?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 40471a17c616fb98e51b4cf3b06b0b23dee19f494df2cf6d958e1ed0fc67f14d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:42:51 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:02 GMT server sffe age 49515 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2372 x-xss-protection 0 expires Tue, 18 May 2021 11:42:51 GMT
GET H3-29	200	logo.png s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/ Frame 0AFA	10 KB 10 KB	7ms 7ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/logo.png Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 26ddf54ed28a5a8527cd6349c747145b0b229115476ea2d113995c05c8580216 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:16:47 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 10:35:45 GMT server sffe age 54679 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10193 x-xss-protection 0 expires Tue, 18 May 2021 10:16:47 GMT
GET H3-29	200	footer.png s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	3 KB 3 KB	9ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/footer.png?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 266e4fc47fe392a290ac225ab6184e2a47df52b8134de322d0f74748e606e9ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 12:20:22 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe age 47264 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2977 x-xss-protection 0 expires Tue, 18 May 2021 12:20:22 GMT
GET H3-29	200	particle.png s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/ Frame 0AFA	230 B 257 B	7ms 7ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/particle.png Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e310680af72d7e7b621a632e487dc61eb280a245446e8ef815187a2952e828d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:16:47 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 10:35:45 GMT server sffe age 54679 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 230 x-xss-protection 0 expires Tue, 18 May 2021 10:16:47 GMT
GET H3-29	200	logo.png s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	11 KB 11 KB	10ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/logo.png?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a8b1ce2579c5ffe0cb4b05044e651a5c1420e8ecc5a249a6d82f5c60f71dc64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:42:51 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe age 49515 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11743 x-xss-protection 0 expires Tue, 18 May 2021 11:42:51 GMT
GET H3-29	200	txt1.png s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/ Frame 0AFA	4 KB 4 KB	7ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/txt1.png Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d5ef519b6fbcee933f3ef02d2e8357b9875a9bd43d61f69fd8b1ab6ee277a23a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:16:47 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 10:35:45 GMT server sffe age 54679 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3651 x-xss-protection 0 expires Tue, 18 May 2021 10:16:47 GMT
GET H3-29	200	particle.png s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	215 B 242 B	6ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/particle.png?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b61e41e7feed3847d7dfecd70b4b42061e65c9f81430063fb082577fd326044 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:42:51 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe age 49515 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 215 x-xss-protection 0 expires Tue, 18 May 2021 11:42:51 GMT
GET H3-29	200	txt2.png s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/ Frame 0AFA	4 KB 4 KB	7ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/images/txt2.png Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8fd8583577edf16b9f9698b830f9b20614a52427d52919925964253afd52abe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600252544730/HEARTHSTONE_Q2_DISPLAY_EN_GARROSH_300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:16:47 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 10:35:44 GMT server sffe age 54679 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4228 x-xss-protection 0 expires Tue, 18 May 2021 10:16:47 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4B1F	0 20 B	45ms 43ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUaRHJRijYPzyEpaPrATPlp7QBgAAAAA4AeAEAg&bg=!BAelB0PNAAY59bwoOfU7ACkAdvg8WoZN_eCsgklZzIfowruGdSgRQbHWiVimIYzw2Sq7D6wI3WiOvgIAAAEoUgAAAEdoAQcKALySD2KKRy0STQ8MWOf0NifpDhmiXXeQmyqCJchvODS9XIOIXjlb-X0jM7q2MnowesBp1Q6CW7dgTobaRY6_IJTjEpKEOHPqlsBO_WyuRvseeT_6YIps8cIhsDKSztJT1nKJVtDZhuRv_chTh76_exOn4QaqJFFaWJgtLwzg7PA3PszdehQCuJ1bQbqR-tlL3JFkQZRjFkmG7jM3OG0ZjzMXHs9XEB2ZlHOlVgU9Xr3vJlGlD0uy8Kq6Uj3bTZkClCS0gsFhVvUOsfHNBdy84pEumrD1kJBg9O0GEHtFZJd9mtvzvXwDvMmPbiX7aH1mIIZdtFm10FGwWnbfB2bLDbJ-QN1dnfHDl8IuAObbkoW-qhByWLY8nKMpR67JXRcNapU0QfxMLUMhvEi9zG1cR-lpT_MjECEL0m1v3DtA4iXxuCTRPopx5GJJrOutyf_WBhJ1JLirwlWK6I2tk5ttpEyK5qloRwQoD3ItK0qV5kmtOqJHLbzQBsfDcMSWWwraFpD-Ypaeq0jtkqxL31J8SBlMXY9b2WeIltCmyeO4iEQv6k1IWRMqoVHgFRI2dubXQy4uVVTW1W34wfDWPGEZMcUV7eQv6lnqeisCmQl_mxUGLQy8v73xJYla00cUtq6Iv5J7tLO1rknRIDUo_0jJLEI-9ZQ_ZyX7yORLfAY86Nr1SIElZtkkZfAwr6EU9YgChLslFJ9YSYKi5b4o7eBZPOjs4YPSVlBo5N-LZx9MPNkzqFgdbfXXXZzmG3ggNi-1H0Wpw3H0qFQpsbIeYTLGJuUTrsHKmxtx0tGwLukVQQl14XiEN1HY2mk4xea1bdKMjRWgweRNLBof95A8Wt0sjwq7A0EA3gq3jBM7KXeHZbNlLKSdo4YwUrkSh9D3oESo_TQA9i2mrAw5rNeUdpEPI21qenZw3cDnJi96Q9eFpKQ9BWT4m13vyAbM0olTkrc6JkgbumiSYDx0NaF5yooUuCdCqgp4DQAByQ6WMCvknKcM85FcccKGbamgxs_3nJLTQqbJcdmWpb9AfMRXy-g3HI-ju3ixJKULGrYLhG6WWu4ZWqQQtT9I-B-yLfviN-AW1uxIgd72DMou12tnrvh5MwTgXU6CIU1X9YjSoT57yPiBK-uUFA Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:06 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	smoke.png s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	24 KB 24 KB	7ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/smoke.png?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6f77e200610a75612d80493c985e4eb51ff6fc6064825148781ff339511d9857 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 15:16:24 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe age 36702 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25028 x-xss-protection 0 expires Tue, 18 May 2021 15:16:24 GMT
GET H2	200	adsct t.co/i/	43 B 455 B	505ms 161ms	Image image/gif	104.244.42.197 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nx3zh&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.197 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:06 GMT content-encoding gzip x-content-type-options nosniff status 200 OK x-twitter-response-tags BouncerCompliant content-length 65 x-xss-protection 0 pragma no-cache last-modified Tue, 18 May 2021 01:28:06 GMT server tsa_o x-frame-options SAMEORIGIN strict-transport-security max-age=0 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash a86808bc93b4e84fa039f483bbb8f0de93654bdaa2834830bcb30b13308370ed x-transaction c2436adf637c408f expires Tue, 31 Mar 1981 05:00:00 GMT
GET H2	206	HS_COMPETITIVE_PILLAR_300x250_ONE.mp4 blzadeu-a.akamaihd.net/banners/hs/ Frame 18EA	35 KB 35 KB	53ms 53ms	Media video/mp4	2.17.121.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://blzadeu-a.akamaihd.net/banners/hs/HS_COMPETITIVE_PILLAR_300x250_ONE.mp4 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/10212278/1606233710075/index.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.17.121.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash aee71dec1d1fc96b5ca54b06688616f758e4531fd65f4defb873d32e83aa9105 Request headers Referer https://s0.2mdn.net/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=1048576- Response headers date Tue, 18 May 2021 01:28:06 GMT last-modified Wed, 14 Oct 2020 14:53:28 GMT server AkamaiNetStorage etag "22dda98c7c7ee075fdf20203514b6b6f:1602687208.132739" content-type video/mp4 Content-Range bytes 1048576-1084635/1084636 accept-ranges bytes Content-Length 36060
GET H3-29	200	txt1.png s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	3 KB 3 KB	6ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/txt1.png?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ef2bc864443e116d07d49a184bc99ebdf3c712ad9345e45a9e1af845c2f3cc8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:42:51 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:04 GMT server sffe age 49515 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3466 x-xss-protection 0 expires Tue, 18 May 2021 11:42:51 GMT
GET H3-29	200	bg_end.jpg s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	28 KB 28 KB	13ms 6ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/bg_end.jpg Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5b44cdd6c9f0d66f4574c24f888e9d0bcb666a7a1f9b1e8c2a499755e07e2c80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:13:21 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 51286 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28413 x-xss-protection 0 expires Tue, 18 May 2021 11:13:21 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 0688	0 23 B	189ms 88ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxphIOQQvcvhGTev3wlGAQDGoOA8iLCdVz9aTQkp08O9xie8GruzMTtuTIgbt8wJqw4d0oTUwVhSpkswHmQ4pnJBWXfqneMqY9oPX-HepuB6bmBNvUqdFB_apv7TWe2lv-QBu-D2jLfXe5MRkP7EZFV3ZXQ_QZ66B1J118SJ_04bSjdJahykHRPsMONkmLFC8WU3vObHIuGGUcQL1connHbm4mSC14tK3rIzRJ-nKEot8kDVYC1BR9ST5dT4LXnaRr4moikYnSz7zU5AtPV8fVS3QhbSBdJiIT7-e-RJsSLeJpfJn-gBPnp6tLbl0msLx2jP1w-ZWa7pZwYv8nQYct5AeEzL_YVW1CW4Fgw8tNOsulZIoWG07RxvLGW5UBIPnwaYo41ao3NUW7jy1RS4U8sCrfkFZk6Jsu5Ls3C-YymRPibDOV4tkxhcLuAX_XpkeJs1YaFzyeDaKZgbwZTXZuRayhzG46KEXjgGVBwHu1RrfvtsS2C2dG0uNXW9hcKnn-71Y-j-GyDSa8EE_s6sSbPYYHr2yuQ7-FnmRRtQ6QJ2khMS5dOgCg0XrlyurT4aTXVNCx8MfOaOhhcsmi48UW3TO6vJ5xNo60PC0LEjQ7NDAdoRmQxYG47mFN0j5r3zJS90WPNO09xNvNzXugVX3lKkNARqvOg2NpdCeEIitKF8Ymhobzi0TN8N491V8NUG5fJV7GaC1_hwoiaGYL2_FCcFV8R6noAGf2uw5pwjzBhPTIdJLpBMyVBg_NLq-vqe7Fc_cbxjRu9NxG79kO-cQw_M2Q_q8ojb9kSksCDlGu8pr0G5pa2hAiWpjRjE3LSsI0LjLB3B9rAYQzVzYfCHrS51K4bNRbxehZNLn6BEnvc3nGwfrOsiWdQiqKKmYQlA-li8V4ws794jF6AoCG_DDaAa9gf7IoJJCotZrPcqaUahd_kHuYgEr7zAQ74KgUMYYhlMPbiYCC-9fYloFZJ0duvaU2Fk_KI5mjIP1ubnSyza_VKCdJ8gTHScGDg8Zem6OA2Y79fiPA8xCHr8EAU4GP_46Fvsak02bjlqq0qYMbva6t-1jr6Z4HqMQ-S_PwrWccV-V4YvFy1ntaWd4tv8hBNCfLBarGBSuA-eecuNG6Tm4rl2Jtv8iCnLj3JoXlCpZ_GGPSwFPd7_Md&sai=AMfl-YS5_8GMbu3gx0Ame-xEsIYHF0HSeQ4TSZ3rxk1vNVwrpOCkWKmwIMISwILpgdYTuycMtlnCkxk0WDyCaMVtRdDDDeyDeXkFuLqJ1JXBIViHfpPyaTDmP4yoDkeHzkAl4dzy4VGZJ5MpXBkIyBZlLb_9FCaLRg&sig=Cg0ArKJSzOEPuArwSGh3EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1447&vt=11&dtpt=1204&dett=3&cstd=240&cisv=r20210511.58296&adurl= Requested by Host: llinks.io URL: https://llinks.io/?fmFhB1k Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 18 May 2021 01:28:07 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	txt2.png s0.2mdn.net/10212278/1600249562793/images/ Frame 4233	3 KB 3 KB	60ms 60ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1600249562793/images/txt2.png?1584959569378 Requested by Host: fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com URL: https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 21ab8cf64cc538c9cdad301cfadfd9b496b2e3468079786800a74440ffe8fd30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1600249562793/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:42:51 GMT x-content-type-options nosniff last-modified Wed, 16 Sep 2020 09:46:03 GMT server sffe age 49516 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3457 x-xss-protection 0 expires Tue, 18 May 2021 11:42:51 GMT
GET H3-29	200	card1.png s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	10 KB 10 KB	60ms 7ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/card1.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash adae110fb2d27855046082a93459e6280237532ed6336599710f118f2c513e43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 16:03:23 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 33884 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10244 x-xss-protection 0 expires Tue, 18 May 2021 16:03:23 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4950	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS75UJRijYJS1FYGl3gP9jIfYBAAAAAA4AeAEAg&bg=!MTKlMnbNAAY59bwoOfU7ACkAdvg8WiqWQ0Luh-1RCarTqKK4Ki68NWJ2krUBoVjFbcskQm_0PMl5rgIAAAFfUgAAAqpoAQcKANhjkfyelM802KBZFiomdHX-N4pz4cjKj4o-y-VBVz_f5FKHQM3dWPCqTHTlm62ZY2YZopkAYQb78e9aBF_2E-0C8D5tiGJl5Eg3ncvF3sSZK-BPpSyQrahG5XSEXNUcdbuv7qTL5XMb-9ZjQITPzruXcrMg-3z6BqTlcvrsslxiY8XvUQVUTVyMotMZhbAZc0qWpU3K8QZV2Aw_1_j9VgSI8LEsxzOEt8BC03Bgw5ni-Oxh88klLGIWzX7L51WoHx_Svye8iCqNyCgHU77PG6N9SRobDyPpl1WZAo1cm4v2ZW6-LG7ZjBEQ738HUxCmsxPaHSxi1aUE1QaZixbuNGAz3pJ9Q-ZRgrt23hU7-mRomFzL3k7li98eIY9DQQqCEuBTuYEviZ7nojBC6KH7luCGGb7UfnGGAj1Urc6MUsNKfL0Q-PAj5yjz8sEB1aejGbUOp6J8kC584z98b2w0w9uB9BsUK-U_R1aoqgqVogyGnd1qLheElNUqBKwoAdhPJ9yKnsk_2YKOzOpx89tIUeN_PuJ-Rh9pbWAhXEu_sPgS2F9T5UD6tjNmVTyEPgV_1iWVkHxdhPQlV8eMwtImf1_MQCnGRChQSOotIMUL5-leKgOI7cKPtckzBzHOcT7XTclSlTMH0GwLn9pL_dzcBg3zcdhw0jdtpge0zNVwewnT03FnAtV1I0JDhzGCpi3A-V9EhpW2ilWcaA3xV0LsiBAgvY3024ToMBItN1Hp5_TOLeTLVt_L8axjNOxcxwCuUlI0Tpgd0-yzUlqBJKNfp925sRPoc1b96vt7IXjqBNuD4IH98_ADw64TTgodkIL04japOwifzQg0KDIae_r_oGjpW1k4XGYZkrojKXizuPLb1PQGqaaFlgRB7WS_CVRhzPKlkMXlRdoEQSyVL9-yPHrS08olAZYXEPN3Rh6uoPPf_pmUMMl1fdw6_B3Y56DVJ7E68srOwYR0Gx0eJI5TpvlhJM3EpF1Nc_AyYI3uCEQLk_xEzxvgOd_bvZOBcW4NMF5j0d8hkbhPEZjAisyBWemobX3yXTeO2CfcfDmfO6oBRh3ljTVllcQDBPQ-1albqY7TfhWsJfpnyb40Mn87QjsOUl8O2nLxNQ7BzNn7bhxYn2nr4WclCP2srsLzgujGB8l0jVb-2x8eiw Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	206	HS_COMPETITIVE_PILLAR_300x250_ONE.mp4 blzadeu-a.akamaihd.net/banners/hs/ Frame 18EA	933 KB 0	48ms 46ms	Media video/mp4	2.17.121.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://blzadeu-a.akamaihd.net/banners/hs/HS_COMPETITIVE_PILLAR_300x250_ONE.mp4 Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.17.121.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash Request headers Referer https://s0.2mdn.net/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=98304- Response headers date Tue, 18 May 2021 01:28:07 GMT last-modified Wed, 14 Oct 2020 14:53:28 GMT server AkamaiNetStorage etag "22dda98c7c7ee075fdf20203514b6b6f:1602687208.132739" content-type video/mp4 Content-Range bytes 98304-1084635/1084636 accept-ranges bytes Content-Length 986332
GET H3-29	200	card2.png s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	10 KB 10 KB	6ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/card2.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1bf87424d1bab4737318191c61eb5bf3a3edecf6982868f0cd3cdeeccde696cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:13:21 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 51286 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10161 x-xss-protection 0 expires Tue, 18 May 2021 11:13:21 GMT
GET H3-29	200	card3.png s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	10 KB 10 KB	6ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/card3.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd703f7719ffb8aa0a328f90d8ac2df37743a51c0bf5ac03e22ac0a5e90c4ebe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:13:21 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 51286 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10159 x-xss-protection 0 expires Tue, 18 May 2021 11:13:21 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A61F	0 20 B	45ms 44ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6aYSJRijYOTcF7Pd7_UPlYeGqAIAAAAAOAHgBAI&bg=!Pj2lPXnNAAY59bwoOfU7ACkAdvg8Wnh09jOw8NL9JyXKW385gg5Re6PLhnII6H0sCQtfx7UjvGUJPwIAAAPUUgAAAA5oAQeZApxxDh-5Yqb8XrYCGDQGbgpI1XqqOj5w1ednknay46PJNpovclq-OY0WGw4SSLBTLWVZ7CYLLVxUG4dcGKoyes-BCGFFxlZ7yCFjzMnSrJJlKEsrJ4enpF5_V1chsEDCbbCZ-c9-eAxzOy0EZhSrMK9NBerZtTb1mg4ipK9G3TTcVPdrJctalKngm-ilavfV3PG4jOtPSfCNz61RWUtMwGoEyzl9JrIgL0ANciYuQYSTQuJYR9IhX2dZf5P3tSIjUCTXStji2DQODFWjIW7cdFpx0URfwfpfeQlSFV5-pA8carN9z7PrN2V3i9dr6TKQbbwYXBe92bwqCIhTbbhIy7pa7Fse3CY1E35kwneFgVbEAH6J2wYCYHt2ZUHvV33tQ3bqSqsRG3TRMhcK6LLpj2k5APsIvo8ma44xayuFYTFRwaYtiCjgaefZry5XlsSWTbd_51w-VrIjHWacu2-8oiJHTGFLbBBOA1nr7ukWclzv3GJRu05Lrv0SH7LbABgwQ7fp1k0i0rGlLqQOEa_0L92iTgyH8I0zibhT1jKXeVlTMyeG0YjNYP_Q4mU3FOJOKM7mO6QpN6a-LWOWjzSI5gJR6-1TO5p9Ux4sxyophbn7Laks1_vaQDOZBNqWej9fdknTBXbsdGzXwE_1w5EqGapYUxwzL-5_q5rTlt-xYsjybWOjtCsS_KJ4YE3i1rAmjlSPuW6YjQ_0Cez7g10RKTY7J-SoaY1N3EFxUgQxiR-82K2RCuhp5fPPFCB8R6f3YiSLsH_oAkhj6qalVt-MUORySZBZZa2RgzIadtmsV4sEO4hoCBLLQKU6dlbC8vyBvjIGk7eJap2Iqud8-lGE6xxOUR3GWqJgXLQLY21x933iAVIe_v6QRgoGPzKRAA Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	card4.png s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	10 KB 10 KB	7ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/card4.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c84d51d4e66da790d28fddeacc15f43de09bc9d68e1f6a74f9bdb6da3ad3d3e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:13:21 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 51286 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10588 x-xss-protection 0 expires Tue, 18 May 2021 11:13:21 GMT
GET H3-29	200	card5.png s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	10 KB 10 KB	7ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/card5.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 465ca3c46319a9972be1d1dddd4717a87abd269e7754565ff2f0dfc45c89bacf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:13:21 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 51286 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10389 x-xss-protection 0 expires Tue, 18 May 2021 11:13:21 GMT
GET H3-29	200	CTA_bg.png s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	3 KB 3 KB	7ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/CTA_bg.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9913a78523518522a18d91a50557beb222dfec849b84b16cbc85fbc045f9aa20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 16:03:24 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 33883 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3357 x-xss-protection 0 expires Tue, 18 May 2021 16:03:24 GMT
GET H3-29	200	etincelle.jpg s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	16 KB 16 KB	7ms 6ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/etincelle.jpg Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c2e6dbad3afabd35498180acfe79eb09442af352bb0fa5e3917987bab9f4c51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:13:21 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 51286 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16570 x-xss-protection 0 expires Tue, 18 May 2021 11:13:21 GMT
GET H3-29	200	frame.png s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	15 KB 15 KB	8ms 8ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/frame.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3928b454faff704d922b66be630a259650bd9d79bd63a9d07f627daae580282 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:13:21 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 51286 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15649 x-xss-protection 0 expires Tue, 18 May 2021 11:13:21 GMT
GET H3-29	200	logo.png s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	10 KB 10 KB	7ms 6ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/logo.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89a96aee41d3e4938168871bf1f9fffcb7c09d12c154589656208c65314387c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 08:48:01 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 60006 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10692 x-xss-protection 0 expires Tue, 18 May 2021 08:48:01 GMT
GET H3-29	200	all_text.png s0.2mdn.net/10212278/1606233710075/images/ Frame 18EA	26 KB 26 KB	7ms 7ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10212278/1606233710075/images/all_text.png Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b9ecee3225247e4c8ff32906ea1727f42b669222437ae6000312d81d78044cbe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/10212278/1606233710075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 16:03:24 GMT x-content-type-options nosniff last-modified Tue, 24 Nov 2020 16:01:50 GMT server sffe age 33883 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26464 x-xss-protection 0 expires Tue, 18 May 2021 16:03:24 GMT
GET H2	200	dc_oe=ChMIpIPC-YnS8AIVs-67CB2VgwElEAAYACD05dNDQhMIjcif-YnS8AIVmlrgCh1Z6g15;met=1;&timestamp=1621301297036;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame 0688	42 B 498 B	526ms 87ms	Image image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpIPC-YnS8AIVs-67CB2VgwElEAAYACD05dNDQhMIjcif-YnS8AIVmlrgCh1Z6g15;met=1;&timestamp=1621301297036;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:17 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_oe=ChMI1Nu_-YnS8AIVgZJ3Ch19xgFLEAAYACDsgddBQhMIjMif-YnS8AIVmlrgCh1Z6g15;met=1;&timestamp=1621301297071;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame 4ADB	42 B 107 B	526ms 120ms	Image image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1Nu_-YnS8AIVgZJ3Ch19xgFLEAAYACDsgddBQhMIjMif-YnS8AIVmlrgCh1Z6g15;met=1;&timestamp=1621301297071;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:17 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	identify.js Show response analytics.tiktok.com/i18n/pixel/	140 KB 39 KB	204ms 203ms	Script application/javascript	2.16.186.162 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/identify.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C24Q4CFMU8Q03RAI27R0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 420d31548250b39e9e360cdf56a6fe9b8c3143c2c09d739c4e9ae60ee22319e1 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-akamai-request-id fe121cba.34ab8ee7 date Tue, 18 May 2021 01:28:18 GMT content-encoding gzip x-cache-remote TCP_MISS from a23-53-33-182.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a2-16-186-158.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-) x-parent-response-time 156,2.16.186.158 server-timing cdn-cache; desc=MISS, edge; dur=151, origin; dur=5, inner; dur=4 pragma no-cache server nginx x-tt-logid 202105180128180102360401484072F4F0 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 5,23.53.33.182 expires Tue, 18 May 2021 01:28:18 GMT
GET H2	200	config.js Show response analytics.tiktok.com/i18n/pixel/	427 B 827 B	202ms 201ms	Script application/javascript	2.16.186.162 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C24Q4CFMU8Q03RAI27R0 Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C24Q4CFMU8Q03RAI27R0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 6ec0bcef60f394513cd9077493aee3497eac861ba8d49b3028a4d2117a0b1f9e Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-akamai-request-id 47330455.34ab8f1d date Tue, 18 May 2021 01:28:19 GMT content-encoding gzip x-cache-remote TCP_MISS from a23-53-33-212.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a2-16-186-158.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-) x-parent-response-time 157,2.16.186.158 server-timing cdn-cache; desc=MISS, edge; dur=152, origin; dur=5, inner; dur=0 content-length 256 pragma no-cache server nginx x-tt-logid 202105180128180102360412203571328A vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 5,23.53.33.212 expires Tue, 18 May 2021 01:28:19 GMT
GET H2	200	dc_oe=ChMIvJm9-YnS8AIVlgeLCh1PiwdqEAAYACCFvt5BQhMIi8if-YnS8AIVmlrgCh1Z6g15;met=1;&timestamp=1621301298887;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame 6AC0	42 B 107 B	125ms 87ms	Image image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvJm9-YnS8AIVlgeLCh1PiwdqEAAYACCFvt5BQhMIi8if-YnS8AIVmlrgCh1Z6g15;met=1;&timestamp=1621301298887;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Requested by Host: www.posthaus.com.br URL: https://www.posthaus.com.br/?awc=17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14&lnk=1458_0_0_0&ordprd=6&utm_source=ZANOX&utm_medium=AFILIADOSEXTERNOS&utm_campaign=LINKTEXTO&mkt=ZANOX054&utm_term=http%3A%2F%2Fdecoracao.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fd27cf4af46fcb03aff09c9cbd6d43d1.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 558 B	219ms 219ms	Ping application/octet-stream	2.16.186.162 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C24Q4CFMU8Q03RAI27R0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 9bf0abaf.34ab8fac date Tue, 18 May 2021 01:28:19 GMT x-cache-remote TCP_MISS from a23-53-33-215.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-) upstream-caught 1621301299213819 x-cache TCP_MISS from a2-16-186-158.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-parent-response-time 162,2.16.186.158 server-timing cdn-cache; desc=MISS, edge; dur=153, origin; dur=9, inner; dur=8 content-length 0 pragma no-cache server nginx x-tt-logid 202105180128190102360401485370F0CA content-type application/octet-stream access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 9,23.53.33.215 expires Tue, 18 May 2021 01:28:19 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 559 B	220ms 220ms	Ping application/octet-stream	2.16.186.162 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C24Q4CFMU8Q03RAI27R0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 85729525.34ab8fad date Tue, 18 May 2021 01:28:19 GMT x-cache-remote TCP_MISS from a23-53-33-221.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-) upstream-caught 1621301299213382 x-cache TCP_MISS from a2-16-186-158.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-parent-response-time 164,2.16.186.158 server-timing cdn-cache; desc=MISS, edge; dur=151, origin; dur=13, inner; dur=8 content-length 0 pragma no-cache server nginx x-tt-logid 20210518012819010236040158117409B4 content-type application/octet-stream access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 13,23.53.33.221 expires Tue, 18 May 2021 01:28:19 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	10 KB 8 KB	46ms 24ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051301&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a5d0a53ab2dd2332ab5c230bb26a0eb400c0c7fa6f7cfe60fcd963ceb043bf9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 18 May 2021 01:28:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7659 x-xss-protection 0
GET H2	200	adsct Show response analytics.twitter.com/i/	31 B 381 B	176ms 167ms	Script application/javascript	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Full URL https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nx3zh&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.posthaus.com.br%2F%3Fawc%3D17634_1621301271_33a5f4d034ae12bd77003cfa5d055f14%26lnk%3D1458_0_0_0%26ordprd%3D6%26utm_source%3DZANOX%26utm_medium%3DAFILIADOSEXTERNOS%26utm_campaign%3DLINKTEXTO%26mkt%3DZANOX054%26utm_term%3Dhttp%253A%252F%252Fdecoracao.com Requested by Host: static.ads-twitter.com URL: https://static.ads-twitter.com/uwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:19 GMT content-encoding gzip x-content-type-options nosniff p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" status 200 OK x-twitter-response-tags BouncerCompliant content-length 57 x-xss-protection 0 pragma no-cache last-modified Tue, 18 May 2021 01:28:19 GMT server tsa_o x-frame-options SAMEORIGIN strict-transport-security max-age=631138519 content-type application/javascript;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash bed14defe3d9ffaa626920aa601c5a8d2894558d04ce2cca666d8215976cc71e x-transaction 86efb17f8b11f12c expires Tue, 31 Mar 1981 05:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	74ms 15ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 01:28:19 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Tue, 18 May 2021 01:28:19 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2A4B	12 KB 5 KB	7ms 7ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.posthaus.com.br/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.posthaus.com.br/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Mon, 17 May 2021 23:36:05 GMT expires Tue, 17 May 2022 23:36:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 6734 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response pagead2.googlesyndication.com/bg/ Frame 2A4B	14 KB 6 KB	12ms 6ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 14:53:17 GMT content-encoding br x-content-type-options nosniff last-modified Thu, 06 May 2021 09:28:00 GMT server sffe age 38103 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5636 x-xss-protection 0 expires Tue, 17 May 2022 14:53:17 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	98ms 92ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051301&jk=3354610005030450&bg=!lpWlldHNAAY59bwoOfU7ACkAdvg8Wo51kmJkrcwFGS4ILLtAs4v4WTU5pJv3lszj8kNI3xse0apnrAIAAAILUgAAADdoAQcKAJbwPE19rsV7_tgxeoeD6kag1VMYuQFgfeecJB_1tTplKs_EYPfaPa2FLvu5wtUpjRy9cQ_siwXP6UTtPDoHuS7g92lJlvnYuBeHr4gqLMLC-qH-2jDo0Rh-SvyacuNPLyaEMZkmv21befOE5ZxeUJbOezvfDpS3J3m4T7fZMMljSCK-1M6oP3GzKSR1Tp2T-HXH3rw5UbKZAjugkEAbVFLD7CGPkmiobK9ohtrzZvS2sud5gbbxYjsgGWSgic0Kdzbl-y1Vt_cnU8BMJn-ZSoT02MKgwpDB5dOKwXQOqA2pb5ux-xpanz8kdzAWTavA8yNz9NlLd6LAw8Y2UTvJqx103pMYsSgNn2dnCB2Fca_4UUNSX-onlAhsvJqnm5_Lo1w3R8vAWW6zyni2XQrNvqoiC3uleuMMEcbIh-UKFeHXQU_UDH2aUmchSiwXoDRtW3Ds3HUYNsqe90t3cekmo4XJzwYUEA5e3Hsgvq0znUrY4gQLcV6_MJ_QQG3QTAsU3d1TjFeIeTyaA9KQPCYhkB8V68Fy-LYjYoAm-stjEsMWCqiVS8GSyM67ADaAkRJvg-6LuEQU0gp-Hf6utaTnWVuqv3mas-SY3xZwvsHFX4GuqwJlPYlxGM_asvNMob3Y4nkdiJ9waIAnCPHksJYkHNustTIc0liWaGg12onBW-9D1dGLwso5Ol35zjZcxu2pQeP4WN1uXc3jUaGUWwbB5alq1PF3JkaVee2IbLllWXZPjy0DwGh-P1IpeblDE-PQtuj7i89Cu3C1QqG1XezjkWiA5GvW0wfKz6ErcrmzrDag2lq8tTd3Fnkwv4cbdH4MXb4JxMzICNocgTepEwkeYGyP0APi4XXe_oRUbr1KFhCeJozdxmwh9NEbjMdabp9HFy5RgX2qZH7jKcbs7_QDrKs5XloeNEAqyjEfgtOqgeSOQGdarD8X4yIe6I5NDVeRFAGQsgOh Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 18 May 2021 01:28:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		blazer-com-bolsos-xadrez-preto_330764_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/blazer/	0 0
GET		blusa-azul-soltinha-com-decote-v_225220_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/plus-size-feminino/blusa-manga-curta/	0 0
GET		pijama-longo-mescla_229138_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/lingerie/pijama/	0 0
GET		vestido-com-capuz-preto_314125_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/vestido-curto/	0 0
GET		blusa-feminina-detalhe-com-recorte-preta_145619_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/blusas/	0 0
GET		casaco-em-moletinho-manga-longa-preto_3068_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/casacos-e-jaquetas/	0 0
GET		calca-jogger-cropped-preta-e-branca-plus-size_319102_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/plus-size-feminino/calca-comfort/	0 0
GET		jaqueta-bomber-preta-e-floral_228577_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/jaqueta/	0 0
GET		blusa-manga-longa-branca-segunda-pele_51065_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/blusas-manga-longa/	0 0
GET		calca-confortavel-etnica-em-helanca_308812_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/calca-legging/	0 0
GET		vestido-evase-de-alcas-etnico_220886_301_1.jpg ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/vestido-curto/	0 0
GET		01_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0
GET		02_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0
GET		06_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0
GET		05_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0
GET		08_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0
GET		03_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0
GET		11_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0
GET		04_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0
GET		07_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0
GET		09_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0
GET		10_64.jpg ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ws-ph.ecosweb.com.br

URL

https://ws-ph.ecosweb.com.br/rest/shopping/addCampaignWithoutWarn/v1/?campaign=ZANOX054

Domain

ws-ph.ecosweb.com.br

URL

https://ws-ph.ecosweb.com.br/rest/shopping/addCampaignWithoutWarn/v1/?campaign=ZANOX054

Domain

ws-ph.ecosweb.com.br

URL

https://ws-ph.ecosweb.com.br/rest/showCase/lastViewed/v10

Domain

ws-ph.ecosweb.com.br

URL

https://ws-ph.ecosweb.com.br/rest/showCase/lastViewed/v10

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2MzQzNjA2NDc1OTQxMjg4Ng%3D%3D&google_push=AQvitUJBcWPWLxX5xVWRVquZPNr0pvUW7CY8n7GQlTWwxvOORG9WraenSe7KwSYG47ZNWmfifk-pV6RQAsakUYj1fUJxM0Zx62NP

Domain

um.wbtrk.net

URL

https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEBby-Sv-4wCphdqTUGPsD94&google_cver=1&google_push=AQvitUIthY38NnpUgzYrxdXoVHHKgzWbxlgsuwiWWJthcXXaEZejTAN3YjyEKeiY-S1Ax_-tMt35vyARBDv3hMS18KtHT2wFUE-9

Domain

um.wbtrk.net

URL

https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEBby-Sv-4wCphdqTUGPsD94&google_cver=1&google_push=AQvitUIym5WXx0cIc6mD1lk10FPKWt5k6ksmDO3pzSOwZsdjkLnTT5DonatSbKUznQp_d-J3CBnGcLghiTBWYfdqfLtvYIz-AKa3Gg

Domain

d5p.de17a.com

URL

https://d5p.de17a.com/cookies/google;c?google_gid=CAESENrTLbtpsXNjfqUnRGDzPlw&google_cver=1&google_push=AQvitUKZhNv9Xxeh_w84lMF-efIVT7QDp_NVcZk_wu3H9oKY8cNQ3Vy5SomRnxzq6hRdU5lBDziZP23iyTmYEKqS51VhDcADAECx

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHznaBi6qO2EN4bA2NjwjXw&google_push=AQvitUI-u4yxSmM4b8n1VQhzp256cNBgdCKRTz_Of99pl1EYu6Osg4JpzwZEIheDVwgq5vx8qNaoj0_qE0oOMmwghGcgPekXWcA9iQ

Domain

c1.adform.net

URL

https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGGOWx0upV0eKFx5tIzfLLg&google_cver=1&google_push=AQvitUIg1lUwHA-De5RFfaj3KQqy1iksQ2D76opEd3NdQL_nnkCn7aov54c8iJcxZWLLe6fTpBoUk7gL7TxpLdtOs1n3Pz2v3Em-Mw

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/blazer/blazer-com-bolsos-xadrez-preto_330764_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/plus-size-feminino/blusa-manga-curta/blusa-azul-soltinha-com-decote-v_225220_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/lingerie/pijama/pijama-longo-mescla_229138_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/vestido-curto/vestido-com-capuz-preto_314125_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/blusas/blusa-feminina-detalhe-com-recorte-preta_145619_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/casacos-e-jaquetas/casaco-em-moletinho-manga-longa-preto_3068_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/plus-size-feminino/calca-comfort/calca-jogger-cropped-preta-e-branca-plus-size_319102_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/jaqueta/jaqueta-bomber-preta-e-floral_228577_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/blusas-manga-longa/blusa-manga-longa-branca-segunda-pele_51065_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/calca-legging/calca-confortavel-etnica-em-helanca_308812_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/imagens01/foto/moda-feminina/vestido-curto/vestido-evase-de-alcas-etnico_220886_301_1.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/01_64.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/02_64.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/06_64.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/05_64.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/08_64.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/03_64.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/11_64.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/04_64.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/07_64.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/09_64.jpg

Domain

ph-cdn3.ecosweb.com.br

URL

https://ph-cdn3.ecosweb.com.br/Web/posthaus/mobile/menu/10_64.jpg