www.cidadesdomeubrasil.com.br Open in urlscan Pro
2606:4700:3037::ac43:c5fd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Effective URL:
https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Submission: On July 10 via api (July 10th 2021, 3:22:10 am UTC) from FR

Summary HTTP 417 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 58 IPs in 8 countries across 41 domains to perform 417 HTTP transactions. The main IP is 2606:4700:3037::ac43:c5fd, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cidadesdomeubrasil.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 23rd 2021. Valid for: a year.

This is the only time www.cidadesdomeubrasil.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 16	2606:4700:303... 2606:4700:3037::ac43:c5fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	5.150.170.4 5.150.170.4	31151 (PHG-AS) (PHG-AS)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	54.94.210.112 54.94.210.112	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	104.22.53.65 104.22.53.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	172.255.224.36 172.255.224.36	7979 (SERVERS-COM) (SERVERS-COM)
3	2606:4700:20:... 2606:4700:20::681a:12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
14	54.233.92.4 54.233.92.4	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 5	185.106.81.236 185.106.81.236	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:20:... 2606:4700:20::681a:677	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
6	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3039::6815:c044	13335 (CLOUDFLAR...) (CLOUDFLARENET)
70	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.172.136 18.195.172.136	16509 (AMAZON-02) (AMAZON-02)
33	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
5 5	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
8 8	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
6	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3	16509 (AMAZON-02) (AMAZON-02)
1 2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	99.80.199.35 99.80.199.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
12	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
18	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
6	13.225.74.47 13.225.74.47	16509 (AMAZON-02) (AMAZON-02)
6	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
12	52.213.6.221 52.213.6.221	16509 (AMAZON-02) (AMAZON-02)
417	58

16 2606:4700:3037::ac43:c5fd (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.cidadesdomeubrasil.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cidadesdomeubrasil.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.150.170.4 (United Kingdom)

ASN31151 (PHG-AS, GB)

creative.prf.hn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.94.210.112 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: mail1.confidencecambio.com.br

www.confidencecambio.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.53.65 (United States)

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.255.224.36 (Netherlands)

ASN7979 (SERVERS-COM, US)

www.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:12 (United States)

ASN13335 (CLOUDFLARENET, US)

script.joinads.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

khms1.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

khms0.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.233.92.4 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-233-92-4.sa-east-1.compute.amazonaws.com

b8pybk7hl9.execute-api.sa-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.106.81.236 (Netherlands) 1 redirects

ASN7979 (SERVERS-COM, US)

avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:677 (United States)

ASN13335 (CLOUDFLARENET, US)

st.avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3039::6815:c044 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.172.136 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-172-136.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.45.99.241 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.253.211 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.115 (United Kingdom) 8 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.200.29 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.199.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-35.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.74.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-47.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 81.29.72.47 (Brixton, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.213.6.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-6-221.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	4 MB
55	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	167 KB
36	googleapis.com fonts.googleapis.com ajax.googleapis.com maps.googleapis.com khms1.googleapis.com khms0.googleapis.com	547 KB
31	google.com 1 redirects maps.google.com www.google.com adservice.google.com	53 KB
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	314 KB
24	webgains.com track.webgains.com diapi.webgains.com	591 KB
18	webgains.io analytics.webgains.io api.webgains.io	360 KB
16	cidadesdomeubrasil.com.br 2 redirects www.cidadesdomeubrasil.com.br cidadesdomeubrasil.com.br	266 KB
15	gstatic.com maps.gstatic.com fonts.gstatic.com www.gstatic.com	719 KB
14	amazonaws.com b8pybk7hl9.execute-api.sa-east-1.amazonaws.com	6 KB
12	awin1.com www.awin1.com	8 KB
12	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	25 KB
10	addthis.com 5 redirects s7.addthis.com api-public.addthis.com e.dlx.addthis.com	205 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	190 KB
8	pubmatic.com 8 redirects image6.pubmatic.com	4 KB
8	google-analytics.com www.google-analytics.com	39 KB
8	googletagservices.com www.googletagservices.com	274 KB
6	openx.net 6 redirects rtb.openx.net	2 KB
6	quantserve.com 4 redirects cms.quantserve.com	2 KB
6	avsplow.com 1 redirects avsplow.com st.avsplow.com	16 KB
6	confidencecambio.com.br www.confidencecambio.com.br	2 MB
5	rubiconproject.com 5 redirects pixel.rubiconproject.com	2 KB
5	google.de adservice.google.de www.google.de	681 B
5	travelpayouts.com www.travelpayouts.com	81 KB
5	facebook.com www.facebook.com	12 KB
3	joinads.me script.joinads.me	7 KB
3	googletagmanager.com www.googletagmanager.com	120 KB
2	rlcdn.com 2 redirects id.rlcdn.com	867 B
2	innovid.com 1 redirects ag.innovid.com	682 B
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	507 B
2	mookie1.com odr.mookie1.com	430 B
2	statcounter.com www.statcounter.com c.statcounter.com	13 KB
2	facebook.net connect.facebook.net	70 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	69 KB
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	agkn.com 1 redirects d.agkn.com	759 B
1	addthisedge.com v1.addthisedge.com	812 B
1	googleadservices.com partner.googleadservices.com	666 B
1	moatads.com z.moatads.com	1 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	prf.hn creative.prf.hn	56 KB
417	41

	Domain	Requested by
36	assets.ad4m.at	as.ad4m.at
33	cm.g.doubleclick.net	googleads.g.doubleclick.net
30	ad4m.at	googleads.g.doubleclick.net ad4m.at
26	www.google.com	www.cidadesdomeubrasil.com.br ajax.cloudflare.com maps.googleapis.com tpc.googlesyndication.com googleads.g.doubleclick.net
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.cidadesdomeubrasil.com.br
18	track.webgains.com	as.ad4m.at analytics.webgains.io track.webgains.com
15	www.cidadesdomeubrasil.com.br	1 redirects www.cidadesdomeubrasil.com.br ajax.cloudflare.com
14	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
14	b8pybk7hl9.execute-api.sa-east-1.amazonaws.com	www.confidencecambio.com.br
14	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	api.webgains.io	analytics.webgains.io
12	www.awin1.com	as.ad4m.at
12	as.ad4m.at	ad4m.at as.ad4m.at
12	maps.googleapis.com	www.google.com maps.googleapis.com
9	khms1.googleapis.com	www.cidadesdomeubrasil.com.br
8	image6.pubmatic.com	8 redirects
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
8	www.googletagservices.com	pagead2.googlesyndication.com script.joinads.me googleads.g.doubleclick.net
8	fonts.googleapis.com	www.cidadesdomeubrasil.com.br maps.googleapis.com www.confidencecambio.com.br
7	platform.twitter.com	s7.addthis.com platform.twitter.com
6	diapi.webgains.com	track.webgains.com
6	analytics.webgains.io	track.webgains.com
6	static-de.ad4mat.net	ad4m.at
6	rtb.openx.net	6 redirects
6	cms.quantserve.com	4 redirects googleads.g.doubleclick.net
6	prod-rtb.ad4mat.net	googleads.g.doubleclick.net www.cidadesdomeubrasil.com.br
6	www.gstatic.com	www.google.com script.joinads.me
6	fonts.gstatic.com	fonts.googleapis.com www.travelpayouts.com
6	khms0.googleapis.com	www.cidadesdomeubrasil.com.br
6	www.confidencecambio.com.br	www.cidadesdomeubrasil.com.br www.confidencecambio.com.br
5	pixel.rubiconproject.com	5 redirects
5	e.dlx.addthis.com	5 redirects
5	avsplow.com	1 redirects st.avsplow.com
5	www.travelpayouts.com	ajax.cloudflare.com www.cidadesdomeubrasil.com.br www.travelpayouts.com
5	www.facebook.com	www.cidadesdomeubrasil.com.br www.facebook.com connect.facebook.net
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	s7.addthis.com	ajax.cloudflare.com s7.addthis.com
3	maps.gstatic.com	www.google.com www.cidadesdomeubrasil.com.br
3	script.joinads.me	ajax.cloudflare.com script.joinads.me
3	www.googletagmanager.com	ajax.cloudflare.com script.joinads.me www.googletagmanager.com
2	id.rlcdn.com	2 redirects
2	syndication.twitter.com	1 redirects platform.twitter.com
2	ag.innovid.com	1 redirects googleads.g.doubleclick.net
2	googlecm.hit.gemius.pl	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	connect.facebook.net	ajax.cloudflare.com connect.facebook.net
2	maxcdn.bootstrapcdn.com	www.cidadesdomeubrasil.com.br maxcdn.bootstrapcdn.com
1	pixel.everesttech.net	1 redirects
1	d.agkn.com	1 redirects
1	api-public.addthis.com	s7.addthis.com
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	v1.addthisedge.com	s7.addthis.com
1	c.statcounter.com	www.statcounter.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	z.moatads.com	s7.addthis.com
1	st.avsplow.com	www.travelpayouts.com
1	ajax.googleapis.com	ajax.cloudflare.com
1	www.statcounter.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.cidadesdomeubrasil.com.br
1	cidadesdomeubrasil.com.br	1 redirects
1	creative.prf.hn	www.cidadesdomeubrasil.com.br
1	maps.google.com	1 redirects
417	65

This site contains links to these domains. Also see Links.

Domain
reservas.cidadesdomeubrasil.com.br
pt.wikipedia.org
www.travelpayouts.com
prf.hn
refpa.top

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-23` - `2022-06-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.prf.hn Sectigo RSA Organization Validation Secure Server CA	`2020-09-10` - `2021-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.confidencecambio.com.br SSL Blindado 2	`2020-03-16` - `2022-03-25`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-11-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.travelpayouts.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-02` - `2022-02-07`	2 years	crt.sh
*.joinads.me R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.execute-api.sa-east-1.amazonaws.com Amazon	`2020-08-30` - `2021-09-29`	a year	crt.sh
avsplow.com R3	`2021-06-09` - `2021-09-07`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 52 frames:

Primary Page: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Frame ID: 166128890A3268D3481E368F59CAE29D
Requests: 99 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
Frame ID: D1EC4318BD85090BA44DAACF229406DA
Requests: 61 HTTP requests in this frame

Frame: https://www.confidencecambio.com.br/widgets-de-cambio/iframe?moedas=29,35,57&titulo=Simulador%20de%20C%C3%A2mbio&tipo-link=partnerize&partnerize-url=https://prf.hn/click/camref:1011ljirQ/creativeref:1101l45971adref:widget
Frame ID: 9AB6388F370C230044F02CBB5FEC4294
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FCidades-do-meu-Brasil%2F271585396301444&width=292&height=258&show_faces=true&colorscheme=light&stream=false&border_color&header=false
Frame ID: C2971519832C31D3BAC6C40EF2EDE64B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html
Frame ID: 41F8FCE80330FE69D114D8410DB7D59A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&adk=1812271804&adf=3025194257&lmt=1625887313&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313557&bpp=3&bdt=2852&idt=206&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8214577081489&frm=20&pv=2&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224
Frame ID: C83CF9DEFCB70D09F1AF126F22E55911
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=90&slotname=9119378610&adk=4157693590&adf=1383187424&pi=t.ma~as.9119378610&w=728&lmt=1625887313&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313575&bpp=1&bdt=2870&idt=236&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=388&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ycVU8qR4we&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=240
Frame ID: B90AD0C09BA97D8B852E02D029C55E60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=3130314307&adf=3677727824&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313577&bpp=1&bdt=2872&idt=246&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=292&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dHzeZUgcPk&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=248
Frame ID: 294ED7964AF73732CF152C5B4406EDD3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3947194937&adf=1087937930&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313578&bpp=1&bdt=2874&idt=256&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QmLCTSO3P7&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=258
Frame ID: 7DC9254049FF7371F63E30FC3CD76E8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=200&slotname=1775434107&adk=1558114524&adf=662687453&pi=t.ma~as.1775434107&w=920&fwrn=4&lmt=1625887313&rafmt=11&psa=0&format=920x200&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313578&bpp=1&bdt=2873&idt=279&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=292&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=UYXDUAbGp8&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=283
Frame ID: FB168BD07A87754ED2BC8CA7C9C28CBB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=200&slotname=1775434107&adk=2844375598&adf=4294484034&pi=t.ma~as.1775434107&w=940&fwrn=4&lmt=1625887313&rafmt=11&psa=0&format=940x200&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313580&bpp=1&bdt=2875&idt=287&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=2776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=Pokf3BPrJN&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=290
Frame ID: 60E51D9BB8DE4429AC73E9024B37529E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=3837193198&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313580&bpp=1&bdt=2876&idt=310&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=KMta5S0Ld1&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=312
Frame ID: 6087D29022284D6D6BE32546B489EBCE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3170137852&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=322&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=VXUdv8GzS6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=325
Frame ID: 5665F42890C8A1F356B413EAB01B89A7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337
Frame ID: D46F8B98F883A5D32146557477223182
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357
Frame ID: AE34F4A834686E6FE4C8824A0953805F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=600&slotname=2468660611&adk=2950433520&adf=4179601936&pi=t.ma~as.2468660611&w=252&fwrn=4&fwrnh=100&lmt=1625887314&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313584&bpp=1&bdt=2879&idt=445&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=1178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=j20iFPIdM7&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=448
Frame ID: DC5DCBAF1599864C3BD2DB0C43A33FA7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=144105479005126&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df42936ae731cc%26domain%3Dwww.cidadesdomeubrasil.com.br%26origin%3Dhttps%253A%252F%252Fwww.cidadesdomeubrasil.com.br%252Ff2bb6b7647268fc%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&layout=button_count&locale=pt_BR&sdk=joey&send=false&share=false&show_faces=false&width=90
Frame ID: 6F70487B83724C3CBD560130ED5452F3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=144105479005126&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fa67c77a5fecc%26domain%3Dwww.cidadesdomeubrasil.com.br%26origin%3Dhttps%253A%252F%252Fwww.cidadesdomeubrasil.com.br%252Ff2bb6b7647268fc%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&layout=button_count&locale=pt_BR&sdk=joey&send=false&share=false&show_faces=false&width=90
Frame ID: 71832865F9FE9E1AF88CCDCF52BDC059
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B0CE65957D9C744ACA08BCC52FF57422
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E9855EFC15E7EB28F04E9EA4249FEF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=600&slotname=1571090610&adk=3450609554&adf=608075586&pi=t.ma~as.1571090610&w=300&lmt=1625887314&psa=0&format=300x600&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313585&bpp=1&bdt=2880&idt=485&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250%2C300x250%2C252x600&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1266&ady=950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&fsb=1&xpc=12e2q34JVR&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=493
Frame ID: 75D2D96D1024D55E3F3A7261F4DE620A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/comments.php?app_id=144105479005126&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1639754d5e6d38%26domain%3Dwww.cidadesdomeubrasil.com.br%26origin%3Dhttps%253A%252F%252Fwww.cidadesdomeubrasil.com.br%252Ff2bb6b7647268fc%26relation%3Dparent.parent&container_width=940&height=100&href=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&locale=pt_BR&numposts=6&sdk=joey&version=v3.2&width=550
Frame ID: 1E744370C98826CB3BAD4D756E59A440
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1hcqesd7mr9tf8d9qn3yxbc6pr55q5jf5edyzzds77e2db354xfnsgkcc3qk22q7vgf7w6hzz7jaaqyt406zn5rsx91hpn01xjrvr9q6bb7z4jg59t23cn019djrknr8v8c5wyy5c4820b11q5p7dh93ppmvvf9ba48vf1e0cs57m3j6fv9y5p1xzk7j9p619yf1y0z50yzr6kzhq4s7zam0cwxwc7ck3za6d1n4g3cv6s7bfe8ytwtbgz2wawyqf7nrndsp31ryc0dtz9q4kc97ajffg7fw9at80889jwksdckxn1safkv114f8aj1p61fy4vj2hprc3zgb01aa7a5qh1fk3wn0w3287kzchhdfg180kzpfhph0ypvam&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%26client%3Dca-pub-3064385439319244%26adurl%3D
Frame ID: A78189E5A8F4DA3C0D363B2D542C3ACE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 564C70ADF16B746FC78BC9C635F5ADFC
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br
Frame ID: 8891803AACE863463CCC1E8E189B5D03
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1gtga6fe7w3ty1pe0j4ecvtaatrs4f7e17jwsxp2j5x0efr7hwbkp3ktazs7dqy13mbeya7k9y9vatjtehczmrvg7zck0mj5j8mskn5gvn4h0wsekfpx1bzfs6p6zygbh314fgr11t13jt59sndra8hpsbrd0n74bchjtv3jmw46qmthfmsmmmbesm0egfha03cn2xs21gpy0kwbjf8nv7fcmrt23xzdrkerzht6jypqpyp7g37ch5vbgnkjz30p29jhkdvc7ewa207ba8gb3k49wshbhajtk0tpd0jcjds3r9fx2thf4vpqq1rp5pf4mze2azbdbgc375fbq5sgr2bd8189ypggjkxcgn75g04ztkk9eg0yr5y4x6ytg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%26client%3Dca-pub-3064385439319244%26adurl%3D
Frame ID: D2CC3FB9D452BE4FB30EF4EC988D14CA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6FD75D2B542E1AB9DEAEE2E693D0C128
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1j9escr7s46t7wyf3g3ywkhek8yst8hvw872szxnzb9yd0j48rbrax4zyv9mj4thx1bra7r26frc6rbjhq4vf5wpqhaf5zhkj54q3mswcftfdr5bkat72ya6t1nzecy7vx6zpnmdg5taxh4rdnm6hpemnmmpvd8jaafhz7pzs1dhhmaafa2529sqnr9gzbdyhmhzwac1ww2xgx2z05tztbhj5e3xqrd5cs6t4m1drz2y219m4t3kj8bts65rbawmy1b3mtb20yp1qkf8nb3e3ryyzntmkwpfxhg43847dep2qmn8q2gxd6rtzp7vef8bavx8afjbasezsycb5c7sbywd3mcdw4bz4w5a92ty1486saf440hm7mntraq18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%26client%3Dca-pub-3064385439319244%26adurl%3D
Frame ID: 21412D92BBB584814E469A754D62FB12
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0564979888736CFB9D8AE3C5CB341F60
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1g8h5c0r91bd3cdfghfddzpez12da6fcwtgv7mkjb6dz5fmgvswv8cgh78nkqh2gv18fzqe4820ry3qntmx5zb01wrrh2tqr57a0pst215bysjjw8dn6w7p5fvez14nkby3an2q2qcc948c8bpbq0vv4qw8rzgtn3197jrrawjdamyphew3346yw827nyq2b6kwkvhcfv97jtgcm2emdmzx59t3c7pw22vaqb5k35f7zmkzpk4a7x80xd2awvh6d0df92penapeyyx2h5wt3dfrdhnbh7g813jcgd72xkkvz2zmgwsprecmecd56pakwp959bmkmpmdyjnphmfdawd9cyd2g3p79wphq61602yk58480ar8swmpwcht2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%26client%3Dca-pub-3064385439319244%26adurl%3D
Frame ID: 66D52A9DA6B36F05A6130EF9C1B36BF2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AC900E9518E21E65A94692404CBE62F4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CSgJ5UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgTxAU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCDD0tsd-Wq7_8T5F-2ye_h5JvKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi0zMDY0Mzg1NDM5MzE5MjQ0&sigh=T6HVKP2zfkY
Frame ID: A98B98C411423E7B17C129F0ADFF4211
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1j983aqz7m2ds6vgg64wra5wydpq7ezrheh6gsh2c09zk2jaypgt74xccyyadgvqwgyx1hkanz5rxnygaqbdw1b8vw16z9km8wbzsr5s8mwttksgm4n3g3ah7szyzkafts8wv8fs2jeb8n4df44rmesy5cvhab4z186vqgfr2e8v6eqg0kzy7e49z4j86c08nfp236zn2v3rgh17s8ppt6ssmxw0zcb6bw2kcaqde44r7mfveza9f3ctkeres21y6vjkvznyecvzjggwbrjszze304rysbmefjrj57paz7dm2ebqhe1sy0ma3q80fvjpq3vwg657zp1mfsnrzh9bzq4xtwx3v2aamd4hax87erc6hxrsb4nby7b546j5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%26client%3Dca-pub-3064385439319244%26adurl%3D
Frame ID: DFA2D4C111410193A52EE72347ABCC40
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7C4AD3B83D8619BCD7BB01609D984677
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CQms9UhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgTxAU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb43mLNIWaFjgmmf2QnfOEP8VcE-ABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi0zMDY0Mzg1NDM5MzE5MjQ0&sigh=RLFON4S0dlY
Frame ID: 1A6AF95FADC4DFB097011EA0F731FA3D
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1ksh4e91vg2y7647pp5za351ny33my3yv03gq5yk2232c3hvxj4s0je565bev9he19d34c20f7xxdmsss3gwnx8h4e1g9zv126gv0qmdmyv1smr8zwgb75hnmvcnbj7atzv4tjtfva7k99m0fmm6hbsx04zq25dtvsentrmekvjhj9tzs0fjcc2y05wgj5y0yvtv1fp0947bs5et55mwd3d553g4k8d8fy9xrr9a3ta0t09gsjpp68h8aajh1th86mpds2pwnh59z12cv4pzcyzvwhr7dqxv589n8xfmwhje9zbk2fjbvgmy9nyntp5gjgxam7ftrgbsqxtq7t0x09tcgb8ws1rrwmc2g9hz9pgeqb5c770mqjj6zckwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%26client%3Dca-pub-3064385439319244%26adurl%3D
Frame ID: D8723F2DC4DD5DE5115DF652A2A1A7D0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2FCD66C479BA9EBEA4DEC0A1F2B51947
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F11C876ABBF16660B88E6B63447422C0
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F1CB3A3DD343F08B360CFDC1B61FD10D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1CDD244B32AAB851C6F8334CE50A441C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 703CD00DD12F373051AE7A2E48F33097
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C418BF432E429C2AA957EE13C801E8BE
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DE244B79A30A87EF1FCA400212EBE708
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.pt.html
Frame ID: 6A8C004E5BD8B1C8CC75FD1F2CCC3DB7
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.pt.html
Frame ID: 636B176ED22D288D97DC334F9954C3AF
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
Frame ID: 50A34B7CAF0276E0E4FD2F6807498770
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Frame ID: 649C3BEC53FF72F5869A39A2CFE6DC44
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Frame ID: FEC4C7DD2638441AFE10280D592F2542
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Frame ID: D983FE8FC91A646C29D1972C20961720
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Frame ID: 086185F92E4EF631315E121688E571C8
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Frame ID: 7AAD096268C71C5C15032C8D6826F037
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 61622731AA71426B1AACB6203C57C396
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.cidadesdomeubrasil.com.br/sc/novo_horizonte HTTP 301
https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

417
Requests

99 %
HTTPS

61 %
IPv6

41
Domains

65
Subdomains

58
IPs

8
Countries

9644 kB
Transfer

15992 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://reservas.cidadesdomeubrasil.com.br/
Title: Hoteis & Passagens Aéreas

Search URL Search Domain Scan URL

URL: https://pt.wikipedia.org/wiki/C%C3%B3digo_de_Endere%C3%A7amento_Postal
Title: CEP

Search URL Search Domain Scan URL

URL: https://www.travelpayouts.com/?marker=161378.poweredby&utm_source=powered_by&utm_medium=widget&utm_campaign=mewtwo

Search URL Search Domain Scan URL

URL: https://prf.hn/click/camref:1011ljirQ/creativeref:1101l45971

Search URL Search Domain Scan URL

URL: http://refpa.top/L?tag=d_916905m_97c__[]general[]_d46514_l42774_banner&site=916905&ad=97

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.cidadesdomeubrasil.com.br/sc/novo_horizonte HTTP 301
https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://maps.google.com/maps?t=h&hl=pt&ie=UTF8&ll=-26.44780,-52.83128&spn=0.012092,0.021415&z=13&output=embed HTTP 301
https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt

Request Chain 8

https://cidadesdomeubrasil.com.br/img/Brazil_3_sports_728x90_BR.gif HTTP 301
https://www.cidadesdomeubrasil.com.br/img/Brazil_3_sports_728x90_BR.gif

Request Chain 113

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%22608be9013ab7ea0f59c580a6584faef7%22%2C%22trace_id%22%3A%22Zzd51e76ef66a14bb4bea4e12-161378%22%2C%22promo_id%22%3A%224239%22%7D%7D%5D%7D HTTP 302
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22608be9013ab7ea0f59c580a6584faef7%22,%22trace_id%22:%22Zzd51e76ef66a14bb4bea4e12-161378%22,%22promo_id%22:%224239%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

Request Chain 231

https://d.agkn.com/pixel/2175/?google_gid=CAESEMkjlICfYCKLiEwe5XR3Fh8&google_cver=1&google_push=AYg5qPJQfUEBc6rJ9FCcOsPg8bwiIUkhechkOLwhN8W0xafD8yNfS_CZjuigpvxEJehgMzopSUcvqWizGRkpXTBW_nk7Yp-oqqyf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJQfUEBc6rJ9FCcOsPg8bwiIUkhechkOLwhN8W0xafD8yNfS_CZjuigpvxEJehgMzopSUcvqWizGRkpXTBW_nk7Yp-oqqyf&google_hm=Q0FFU0VNa2psSUNmWUNLTGlFd2U1WFIzRmg4

Request Chain 232

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIISCsJdJZW9vUJid97XhuzXdwi3_nkzztdJ1p-H06YZ-elFgPtTMVYwkAOpL_yhwuAE3xU7K6rpLBmFD9DaLR9xJ7wff1m&google_gid=CAESENDzpQi3Hz45r_JmhCV08Y4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIISCsJdJZW9vUJid97XhuzXdwi3_nkzztdJ1p-H06YZ-elFgPtTMVYwkAOpL_yhwuAE3xU7K6rpLBmFD9DaLR9xJ7wff1m&google_gid=CAESENDzpQi3Hz45r_JmhCV08Y4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA2MjA0NzQ4NDcxMA%3D%3D&google_push=AYg5qPIISCsJdJZW9vUJid97XhuzXdwi3_nkzztdJ1p-H06YZ-elFgPtTMVYwkAOpL_yhwuAE3xU7K6rpLBmFD9DaLR9xJ7wff1m

Request Chain 233

https://rtb.openx.net/sync/dds?google_gid=CAESEA13_ygMH2U3AwXT2nz09MM&google_cver=1&google_push=AYg5qPIJjnIk5UmoQlyrp_yZYtshdfaQJS-43VqsGxYtGDpCXHykKUvX9CiJ4sKKAnM-nV3ysQxCkq7spZYRJWcS1chZEfoX8tQ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEA13_ygMH2U3AwXT2nz09MM&google_cver=1&google_push=AYg5qPIJjnIk5UmoQlyrp_yZYtshdfaQJS-43VqsGxYtGDpCXHykKUvX9CiJ4sKKAnM-nV3ysQxCkq7spZYRJWcS1chZEfoX8tQ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIJjnIk5UmoQlyrp_yZYtshdfaQJS-43VqsGxYtGDpCXHykKUvX9CiJ4sKKAnM-nV3ysQxCkq7spZYRJWcS1chZEfoX8tQ&google_hm=uTB1K3cmyfUUUNYxoGOpRA==

Request Chain 234

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENi0oUVTVS3NaLGVh7ysmUA&google_cver=1&google_push=AYg5qPIew5EiUlsbZRh0k3Zmy7604XxG7P7JVfcR028pu_4BlWUaq_KizgXgG4YRPmlf73A_SL9UoBxIWB-enqP4aWHe9itGLcqB HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENi0oUVTVS3NaLGVh7ysmUA&google_cver=1&google_push=AYg5qPIew5EiUlsbZRh0k3Zmy7604XxG7P7JVfcR028pu_4BlWUaq_KizgXgG4YRPmlf73A_SL9UoBxIWB-enqP4aWHe9itGLcqB&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HejEkUOXQeO-Vk093eIWfg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIew5EiUlsbZRh0k3Zmy7604XxG7P7JVfcR028pu_4BlWUaq_KizgXgG4YRPmlf73A_SL9UoBxIWB-enqP4aWHe9itGLcqB

Request Chain 235

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJJ-DZuWAqoSjciTjqHR-FI&google_cver=1&google_push=AYg5qPLsh9H3fzzADAgsVAIIlORjhCXme3i04D3FIWwps2wFphB2aFmX8pSzSYRfdGnENyI1_XWQ1z7fGCY_8unQL7FBEdnafRw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTVkwtMUQtSzlGSA==&google_push=AYg5qPLsh9H3fzzADAgsVAIIlORjhCXme3i04D3FIWwps2wFphB2aFmX8pSzSYRfdGnENyI1_XWQ1z7fGCY_8unQL7FBEdnafRw0

Request Chain 236

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1

Request Chain 247

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGyBz3zuQzwWNo-Clxw0ujc&google_cver=1&google_push=AYg5qPK-1doefb8x3hbomrRxMNUDqAn7NUAMLpTThI34WlIGE0R2D8KQ5tz_KqDAG26ieJ-S8TcTOL34yxVHM7_Bl2xdLQ7duZlSIQ HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-1doefb8x3hbomrRxMNUDqAn7NUAMLpTThI34WlIGE0R2D8KQ5tz_KqDAG26ieJ-S8TcTOL34yxVHM7_Bl2xdLQ7duZlSIQ&google_hm=6D3sjouUuaRS70fDGQB3CQ

Request Chain 249

https://rtb.openx.net/sync/dds?google_gid=CAESEC912GEHYkSIL5BHqRg4NkU&google_cver=1&google_push=AYg5qPK0z0SFoc8eDVDUUAe6orQuYK5lEnMb85MYH9EKy4byWloY011uj1ENq2xGFytngdYJLFG5RCXqNpyN4mRxGMGMkbfzy__HOA HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEC912GEHYkSIL5BHqRg4NkU&google_cver=1&google_push=AYg5qPK0z0SFoc8eDVDUUAe6orQuYK5lEnMb85MYH9EKy4byWloY011uj1ENq2xGFytngdYJLFG5RCXqNpyN4mRxGMGMkbfzy__HOA&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK0z0SFoc8eDVDUUAe6orQuYK5lEnMb85MYH9EKy4byWloY011uj1ENq2xGFytngdYJLFG5RCXqNpyN4mRxGMGMkbfzy__HOA&google_hm=uTB1K3cmyfUUUNYxoGOpRA==

Request Chain 250

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPPMRVtjlFs5IFpkGCRMRC4&google_cver=1&google_push=AYg5qPLJxju_oa3WgLFUQY-cx4rAt8e4a7byOARXWlRPlWIWFtKf7GIcIWPZG8IGQ3LZhvX-N1VIGQm3aZ1U1wQOCvVFLqsESaVrUg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPPMRVtjlFs5IFpkGCRMRC4&google_cver=1&google_push=AYg5qPLJxju_oa3WgLFUQY-cx4rAt8e4a7byOARXWlRPlWIWFtKf7GIcIWPZG8IGQ3LZhvX-N1VIGQm3aZ1U1wQOCvVFLqsESaVrUg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TFTAhjEWRr64FrYj3mKvKQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLJxju_oa3WgLFUQY-cx4rAt8e4a7byOARXWlRPlWIWFtKf7GIcIWPZG8IGQ3LZhvX-N1VIGQm3aZ1U1wQOCvVFLqsESaVrUg

Request Chain 251

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC-CcKcYiPybVeXtnoQkc4A&google_cver=1&google_push=AYg5qPJ4P6kKbuTHLnNcpJAeEUd8CsCkU0WgZ7daNyd3LAMsTX0D1xawzdfjBlOFyz5uUZtDVIqrJxu4-f6qJ5m_BcIMT3EeZX4mXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTV0stMVotQVVHWA==&google_push=AYg5qPJ4P6kKbuTHLnNcpJAeEUd8CsCkU0WgZ7daNyd3LAMsTX0D1xawzdfjBlOFyz5uUZtDVIqrJxu4-f6qJ5m_BcIMT3EeZX4mXA

Request Chain 252

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ

Request Chain 253

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDjZm9uJgj9q7aiu5EovSsw&google_cver=1&google_push=AYg5qPJgulwRc5iXzI4U339wfsQUrcRpTobAF717e7HmARFuHnoZXmrXFWrMW2WNqkZwWTrKQcM7DNLFpuvqv09BKwzmOHtoyWP_Z48 HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJgulwRc5iXzI4U339wfsQUrcRpTobAF717e7HmARFuHnoZXmrXFWrMW2WNqkZwWTrKQcM7DNLFpuvqv09BKwzmOHtoyWP_Z48&google_hm=

Request Chain 256

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBZZ7rFN7iYzTbAS6p0W4A&google_cver=1&google_push=AYg5qPKzti4OdKW3cCghs3BPXPl_o2lFmc48w1tJprnWvmigZlMlfONkXuNZ6htW3jxNI2DfaOP5o9ajDb33ZQqYu9fshuyBSTCt HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKzti4OdKW3cCghs3BPXPl_o2lFmc48w1tJprnWvmigZlMlfONkXuNZ6htW3jxNI2DfaOP5o9ajDb33ZQqYu9fshuyBSTCt&google_hm=6D3sjouUuaRS70fDGQB3CQ

Request Chain 257

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIOzjAStUCsiMnbjzuHtAgz-yixffNIWbXNqYV9x9De90mqdk_K9AtqQGO3q9TmwG008G6yX8_RuXZNSC0cza7TtzTeJxQ3&google_gid=CAESEFZG8pAMlWAubt5Lrda9Lm4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIOzjAStUCsiMnbjzuHtAgz-yixffNIWbXNqYV9x9De90mqdk_K9AtqQGO3q9TmwG008G6yX8_RuXZNSC0cza7TtzTeJxQ3&google_gid=CAESEFZG8pAMlWAubt5Lrda9Lm4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA4NTk5NDg3NTI1OA%3D%3D&google_push=AYg5qPIOzjAStUCsiMnbjzuHtAgz-yixffNIWbXNqYV9x9De90mqdk_K9AtqQGO3q9TmwG008G6yX8_RuXZNSC0cza7TtzTeJxQ3

Request Chain 258

https://rtb.openx.net/sync/dds?google_gid=CAESEGPE_e2Epw3cayDRHdtwAgY&google_cver=1&google_push=AYg5qPKQpF6ctnOZwBybDAOhDI4wKGZkJuP7_HL6GDa7VyNVltwnK2Pcv3-lcTppM_BOmskv9QG0K3SwN3UQFvOsidhiTPAZNLyLWw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKQpF6ctnOZwBybDAOhDI4wKGZkJuP7_HL6GDa7VyNVltwnK2Pcv3-lcTppM_BOmskv9QG0K3SwN3UQFvOsidhiTPAZNLyLWw&google_hm=4DpWzDk0xb82y4iy4AC9Uw==

Request Chain 259

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHFfRUeR-qnHj32eKnKNDYo&google_cver=1&google_push=AYg5qPLYxTW403CJ8nbGg6GblUryOVhE9cwGE6_TleFx5ETeiIBnaOTGR8XCDLpK8OU1T_WlF-hSQ-pEqPBYUGp-Y0-vHxuyt41cxQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHFfRUeR-qnHj32eKnKNDYo&google_cver=1&google_push=AYg5qPLYxTW403CJ8nbGg6GblUryOVhE9cwGE6_TleFx5ETeiIBnaOTGR8XCDLpK8OU1T_WlF-hSQ-pEqPBYUGp-Y0-vHxuyt41cxQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLYxTW403CJ8nbGg6GblUryOVhE9cwGE6_TleFx5ETeiIBnaOTGR8XCDLpK8OU1T_WlF-hSQ-pEqPBYUGp-Y0-vHxuyt41cxQ

Request Chain 260

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMZQz0uN0rja8sF8kJMS-zA&google_cver=1&google_push=AYg5qPJ3Mjq79AVDgXbfRnE4ZYbbjknaxwFT7c1by5I7Jk3eOYMzfvIAzEy0Sv6TL_b26d4hUtZE1AReWDaSpraow0ClbV29KDMYEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTV1MtWS1HRkk0&google_push=AYg5qPJ3Mjq79AVDgXbfRnE4ZYbbjknaxwFT7c1by5I7Jk3eOYMzfvIAzEy0Sv6TL_b26d4hUtZE1AReWDaSpraow0ClbV29KDMYEw

Request Chain 261

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI&google_cver=1&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI

Request Chain 275

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAmT5KUma21IedPm9AMU958&google_cver=1&google_push=AYg5qPLluEorXNcDk72EBf-R_TVvJUwoOuZ5anayJQux_tXs3Vf_52KGJkt1_TACXj-vZsq-5GW_VUp4dy59xp2YvIpVtH-zuz5S HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLluEorXNcDk72EBf-R_TVvJUwoOuZ5anayJQux_tXs3Vf_52KGJkt1_TACXj-vZsq-5GW_VUp4dy59xp2YvIpVtH-zuz5S&google_hm=6D3sjouUuaRS70fDGQB3CQ

Request Chain 276

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLmQ03wT_XA1hPlAjIrIe7xw4oRUKhIzAQf3r3kEOIkKpvUDEkAW7eQgsggZM_vASNC1xHffu2PBFeZ2246WKDD2EwfHNo3&google_gid=CAESECJ-u2rZ3X80jVvHHmwYRSk&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNKkpIcGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMbVEwM3dUX1hBMWhQbEFqSXJJZTd4dzRvUlVLaEl6QVFmM3Iza0VPSWtLcHZVREVrQVc3ZVFnc2dnWk1fdkFTTkMxeEhmZnUyUEJGZVoyMjQ2V0tERDJFd2ZITm8z HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWWlNYml1aWlSODRsME9jdDV2WVJVME8xSnh0T3NZZVJOck1RNmROSlRlRQ==&google_push

Request Chain 278

https://rtb.openx.net/sync/dds?google_gid=CAESEP6z-S21V-IFbllt93KORN0&google_cver=1&google_push=AYg5qPIumqI1VCndt7kqnEq-NwjVqEv9zmoTcJSSvxtyxIlFPuzZvEkRUrzpMy3i3EPNQ-j2BP99Twd_G0rKJ8ipgSBjKTE53F7X HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIumqI1VCndt7kqnEq-NwjVqEv9zmoTcJSSvxtyxIlFPuzZvEkRUrzpMy3i3EPNQ-j2BP99Twd_G0rKJ8ipgSBjKTE53F7X&google_hm=uTB1K3cmyfUUUNYxoGOpRA==

Request Chain 279

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBJqjvleo-OaYmTFKoliWHA&google_cver=1&google_push=AYg5qPJ3pDSDQ9R3bjJm60Fl_OuRPm13-9RGw4Zfic9ovVnu_UKQjfMHHENB9paLbg1egoWOuPnkafQohbem3cjY7pNZ9cmcogw1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ3pDSDQ9R3bjJm60Fl_OuRPm13-9RGw4Zfic9ovVnu_UKQjfMHHENB9paLbg1egoWOuPnkafQohbem3cjY7pNZ9cmcogw1

Request Chain 280

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBq_MUOIID6VefjC_osg-Ec&google_cver=1&google_push=AYg5qPLu3wlmrGB1gh4jewZnf3MrREdwXdHvr471hV8KGiJ3d4OgbojKIi94vSkSRBBUz6Va2rwb5-bxyiVZaMzlbrS0GokrDw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTWVktMTItSDQ0Qg==&google_push=AYg5qPLu3wlmrGB1gh4jewZnf3MrREdwXdHvr471hV8KGiJ3d4OgbojKIi94vSkSRBBUz6Va2rwb5-bxyiVZaMzlbrS0GokrDw

Request Chain 281

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0&google_cver=1&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0

Request Chain 294

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBZZ7rFN7iYzTbAS6p0W4A&google_cver=1&google_push=AYg5qPI_hucUOv13ekUu8Jj438KvKiIrSZwWgqWByNdgwmYdjQE4ra-dGDF1YRgKer8dx2exfjacPLvZrViNtql2lTVJmeWsW7EC HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI_hucUOv13ekUu8Jj438KvKiIrSZwWgqWByNdgwmYdjQE4ra-dGDF1YRgKer8dx2exfjacPLvZrViNtql2lTVJmeWsW7EC&google_hm=6D3sjouUuaRS70fDGQB3CQ

Request Chain 295

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIjFn5zJu7Z3qh26-wIDZLESsu2_ReWETaCdKH8rD1lA_R_nW9Y1GHluxeBiodkBCLMWPGirH9Rpo6o3_yB7BOveKeiYL4&google_gid=CAESED-jBVIbdaMbAWL9NTMltt8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9rU1VnQUFBUmtqY0RoRg&google_push=AYg5qPIjFn5zJu7Z3qh26-wIDZLESsu2_ReWETaCdKH8rD1lA_R_nW9Y1GHluxeBiodkBCLMWPGirH9Rpo6o3_yB7BOveKeiYL4

Request Chain 296

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIKwWNtZM6lxikfv5QkiTeA7Xyjjy2q_Oy3BYtfOEyaGWFD_460I0J5mbHSK1JuK4mDmHLqNgRpwq7Eae-Dv1eOIIJf1PxD&google_gid=CAESEFZG8pAMlWAubt5Lrda9Lm4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA1MzA4NDI1NzQ4OQ%3D%3D&google_push=AYg5qPIKwWNtZM6lxikfv5QkiTeA7Xyjjy2q_Oy3BYtfOEyaGWFD_460I0J5mbHSK1JuK4mDmHLqNgRpwq7Eae-Dv1eOIIJf1PxD

Request Chain 297

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHFfRUeR-qnHj32eKnKNDYo&google_cver=1&google_push=AYg5qPKQbu7aWKYc5Y2xrsl_mYhfNHxt6MstfhzvnkN9s0Ma44QcbiEAZdPJ8u6Z3hoDpdYfBNgCwoAnRkYN9jxwFhwbWznHWFE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKQbu7aWKYc5Y2xrsl_mYhfNHxt6MstfhzvnkN9s0Ma44QcbiEAZdPJ8u6Z3hoDpdYfBNgCwoAnRkYN9jxwFhwbWznHWFE

Request Chain 298

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMZQz0uN0rja8sF8kJMS-zA&google_cver=1&google_push=AYg5qPJF0u1nK6QnzC8UIOzVEmBvjUZzrrNWiYLxNaOLvb4g0FMJpf2mKqFim3CgxEJ4gLO4RYAQgiiD1yg2IF-6LQdi78GwBa-x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JUMUItVy1BNzk3&google_push=AYg5qPJF0u1nK6QnzC8UIOzVEmBvjUZzrrNWiYLxNaOLvb4g0FMJpf2mKqFim3CgxEJ4gLO4RYAQgiiD1yg2IF-6LQdi78GwBa-x

Request Chain 299

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHY34pyQyVO_jRjeAVYevvg&google_cver=1&google_push=AYg5qPK7PA1Xzhc5NzJFek6iUR7HQ1opmtKUamdS9rGA1hSL6mv2CT54ln0bUTOB_xbaG7VDlnfBMCt9Ww8_SG_xpVnaAamtuXpK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPK7PA1Xzhc5NzJFek6iUR7HQ1opmtKUamdS9rGA1hSL6mv2CT54ln0bUTOB_xbaG7VDlnfBMCt9Ww8_SG_xpVnaAamtuXpK&google_hm=gH_lac4lS_m1so6KLKggFw

Request Chain 300

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDFSkHEkbgikWJf7v83B33Y&google_cver=1&google_push=AYg5qPJeZzxp8-vYiAyt8_6X7KElhnZvLL3M8lb3sMyBOeRHc7ILTCGiEdDiv6YKGVJerKkGitKnGu0_hVCMaSQr56XigZ5JGMhNkQ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJeZzxp8-vYiAyt8_6X7KElhnZvLL3M8lb3sMyBOeRHc7ILTCGiEdDiv6YKGVJerKkGitKnGu0_hVCMaSQr56XigZ5JGMhNkQ&google_hm=

Request Chain 371

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

417 HTTP transactions
25 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request novo_horizonte Show response
www.cidadesdomeubrasil.com.br/sc/
Redirect Chain

http://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

80 KB
20 KB

2760ms
2743ms

Document
text/html

2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.27
Resource Hash: c3d51a1715f24f92931d3943e76ef6497699eae9416a56a041e15767c40da15b

Request headers

:method: GET
:authority: www.cidadesdomeubrasil.com.br
:scheme: https
:path: /sc/novo_horizonte
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
vary: Accept-Encoding,User-Agent
referrer-policy
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KeMnxdi8k4DnJDzXIoajPsJYyS2Dc8gLQkoHl%2Fli5YVuUNCKT0qPjIeOy1Cb1HlzhiWjvf7BmEtD3Ylak2nPqmCm0spBJObuqo7MPl%2BXGoJqrxmLFqpgZaFj9eobEhSsQi2Yue5FhRvDR6plKFNTX%2FHGJe06cjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66c6a9faceb6c290-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Sat, 10 Jul 2021 03:21:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 10 Jul 2021 04:21:47 GMT
Location: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
cf-request-id: 0b3008909a00004a7fb408d000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u4G9wrmws9iHSlvSCP4jsgtsj48eoj0prkj5DrYHAu4rx8rl3oGoulYEwJEjj2yi27x6SVsOcOthZfGGo5uNQdpIkW1NR%2Fhpca5w5qOPfjGkDes8SbWc44IysDixfg90GMRf2ASE0UmQpbUjQqLjN5YrB3GNVzQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 66c6a9fa99544a7f-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 logo.png
www.cidadesdomeubrasil.com.br/img/ 23 KB
24 KB 23ms
11ms Image
image/png 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cidadesdomeubrasil.com.br/img/logo.png
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b214b1960b294d5c4044229402ee812c39e60f148adb6ccbe8d7beeb95e339fa

Request headers

:path: /img/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6601715
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23977
referrer-policy
last-modified: Mon, 24 Aug 2015 22:30:56 GMT
server: cloudflare
etag: "9923297-5da9-51e162bc50800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kczrGfQDb7iXvQuduNarBBl1nZZ1J72M9EIwwDYRDqmplvO4d7hiVQrTzxtcaPDhOKvyPorO3gllWNKsKi4gc%2Bb%2B%2BR8wuMhkCIve5r4lrzNVXMC6SRZbEjFchcArNgNqRNrSx92Mewm8ZIcRBaLk8o4DwiAhfi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66c6aa0c09c64ed9-FRA
expires: Sun, 24 Apr 2022 17:33:15 GMT

GET
H3-29 200 img.php
www.cidadesdomeubrasil.com.br/ 589 B
1 KB 641ms
630ms Image
image/png 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cidadesdomeubrasil.com.br/img.php?jpg=Tm92byBIb3Jpem9udGU=
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.27
Resource Hash: 3f019692d116d705c8dd2b46201276f31c0963caab069da0a789f10935e6be17

Request headers

:path: /img.php?jpg=Tm92byBIb3Jpem9udGU=
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
referrer-policy
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.27
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EWvbElDVKQ%2BtqjWhC%2BvylrxtA9IW%2BkgOuvxhr7%2FbhslJCswdEmbHGr88ghi1qj9VIKlmaQx3nYO6E1WQ%2BP0KKvmQeqz0J17%2Ff3IYzpQiFaspzT9HxAz7wvLQ0Lk%2BFF9AwHZncUM8evWIl9v%2Bh0SbsNbOLdXArB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
cf-ray: 66c6aa0c09c74ed9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Sat, 10 Jul 2021 11:21:51 GMT

GET
H3-29 200 cartorios.jpg
www.cidadesdomeubrasil.com.br/img/ 8 KB
9 KB 27ms
18ms Image
image/jpeg 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cidadesdomeubrasil.com.br/img/cartorios.jpg
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adb620ee37c3d37a2917a61950a2ec321a905b5a8d1aa96ea78a45c69bea0f6a

Request headers

:path: /img/cartorios.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6440217
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8692
referrer-policy
last-modified: Tue, 13 Jan 2015 23:11:02 GMT
server: cloudflare
etag: "9923280-21f4-50c90bc910d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Pdd2YbF1fmrl3C2P3usZNr8cY09VzCnT%2BYW3PHS37ShfMr3mYEYbUwfJvzb2rJj%2FBFc29ocZhftzgaRP9AI73pf1crc0ziHuv1w9qky7Bo%2BHW527S6X7%2FCfRT2JATfLOxEybTIFNGqUskzK8LkdRNpib0xD5%2BJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66c6aa0c09c54ed9-FRA
expires: Tue, 26 Apr 2022 14:24:53 GMT

GET
H3-29 200 hospitais.jpg
www.cidadesdomeubrasil.com.br/img/ 10 KB
10 KB 26ms
18ms Image
image/jpeg 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cidadesdomeubrasil.com.br/img/hospitais.jpg
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5db35a2e9ec40eea7817702e18c35b63fcfbf51e360fea3b13009268d55b05e

Request headers

:path: /img/hospitais.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6440217
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9910
referrer-policy
last-modified: Tue, 13 Jan 2015 22:55:28 GMT
server: cloudflare
etag: "9923290-26b6-50c9084e55800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Nxc3U5Rmu3RxLRmsdxj1F7%2FRQ3WIhIYuIDWORSTiZH5ReirxXzev2r7%2BXkbs62tIF31xwCTV6DFlHGcUJ7THJLlTCvXTcyAMBoFKYSg0THwOT2S0aPh4anTvU2gB7MHTSWUwtYc2%2Bdfzgl%2BwGI8UWTkOeBeRrAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66c6aa0c09c44ed9-FRA
expires: Tue, 26 Apr 2022 14:24:53 GMT

GET
H3-29 200 onibus.jpg
www.cidadesdomeubrasil.com.br/img/ 10 KB
11 KB 25ms
18ms Image
image/jpeg 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cidadesdomeubrasil.com.br/img/onibus.jpg
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b03d71e7bdddfd266269c45fb7d204cb157f5581cea0adb93b815735c9d05f

Request headers

:path: /img/onibus.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6721625
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10565
referrer-policy
last-modified: Tue, 13 Jan 2015 22:55:22 GMT
server: cloudflare
etag: "992329f-2945-50c908489ca80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4X7yYSKiOW4axKGEOMKPnzvXdRLmCGQjD1%2BHo3NBOeY%2BuK4vcwYUrMjWQlu%2BYLvs1DBMGEsaccH6CgVZuV0j9LOwYniJ5ZrWTqFn4m2vn3YmQH7F5biRLXq04dG890ZgfX9T2OHUL8JvNjrUjPkFAdCx8SxPgLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66c6aa0c09c34ed9-FRA
expires: Sat, 23 Apr 2022 08:14:45 GMT

GET
H3-29 200 noticias.jpg
www.cidadesdomeubrasil.com.br/img/ 7 KB
8 KB 31ms
24ms Image
image/jpeg 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cidadesdomeubrasil.com.br/img/noticias.jpg
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b17617bdd0746bb68bde695e970a5228777a5247b9fc9793e088bd9b3eafc9

Request headers

:path: /img/noticias.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 28031
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7523
referrer-policy
last-modified: Tue, 13 Jan 2015 22:55:20 GMT
server: cloudflare
etag: "992329e-1d63-50c90846b4600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C1Oq0O5Wvt%2BFDaUzrujxWJSNAHh4ycTVPBuIHWDRKtFXy1VpnTA4wPmcjJcRwyU3jYplgtZEvbbCJjvvPoRMOeyGc5tnLblXdEu%2BfU99%2FIYK%2BPSetoO5Zcpx5Aft1C8EpRrvc5paC7vLwPrPX6YccfEkhX3FkOA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 66c6aa0c09c04ed9-FRA
expires: Sat, 10 Jul 2021 03:34:39 GMT

GET
H2

200

embed Show response
www.google.com/maps/ Frame D1EC
Redirect Chain

https://maps.google.com/maps?t=h&hl=pt&ie=UTF8&ll=-26.44780,-52.83128&spn=0.012092,0.021415&z=13&output=embed
https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt

1 KB
887 B

16ms
16ms

Document
text/html

2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

c64562e022703ad663cdef6d4176f2b7b5dcf7647bed3cb3bf64d79e89fa4ef6

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-/mP/DMauJWW0dC5RamdqUQ==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 10 Jul 2021 03:21:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-/mP/DMauJWW0dC5RamdqUQ==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 613
x-xss-protection: 0
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date: Sat, 10 Jul 2021 03:21:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
content-type: text/html; charset=UTF-8
server: mafe
content-length: 357
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK creativeref:1101l45971
creative.prf.hn/source/camref:1011ljirQ/ 56 KB
56 KB 2527ms
2461ms Image
image/gif 5.150.170.4
PHG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creative.prf.hn/source/camref:1011ljirQ/creativeref:1101l45971
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.150.170.4 , United Kingdom, ASN31151 (PHG-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e133a6e548998d84761bd97b428e6bde7deaf710bf2680cc0029763616f5b001

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 03:21:53 GMT
Server: nginx
Content-Type: image/gif
Transfer-Encoding: chunked
X-Request-ID: 92673f9ec75046f64eeeebcbe0ee38ce
P3P: CP="NOI DSP COR PSAa PSDa OUR IND UNI"

GET
H3-29

200

Brazil_3_sports_728x90_BR.gif
www.cidadesdomeubrasil.com.br/img/
Redirect Chain

https://cidadesdomeubrasil.com.br/img/Brazil_3_sports_728x90_BR.gif
https://www.cidadesdomeubrasil.com.br/img/Brazil_3_sports_728x90_BR.gif

141 KB
142 KB

18ms
17ms

Image
image/gif

2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cidadesdomeubrasil.com.br/img/Brazil_3_sports_728x90_BR.gif
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9ea87a15858e15ffa66cbc11f70b38c07bb42e54cebe376daed008f9797ab10

Request headers

:path: /img/Brazil_3_sports_728x90_BR.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 28030
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 144218
referrer-policy
last-modified: Tue, 30 Mar 2021 10:01:04 GMT
server: cloudflare
etag: "9920cec-2335a-5bebe139242d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YJeAGw4F5xxb%2B22QumgeqKYeCiG%2B6IFbCvm9F%2F9SEvwMbwxSbXNTG2OH%2Fi8cMvhOxESDQ6NGXhzlr4FtQne2VZYt%2FJ8q%2FZgmKRWk%2FfxULgPaiRT9eaaYXJMunytCdwg5RXsgJZNcb2gSXVmc2K%2Fso%2BBww4us1Ws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 66c6aa0c6a3d4ed9-FRA
expires: Sat, 10 Jul 2021 03:34:40 GMT

Redirect headers

date: Sat, 10 Jul 2021 03:21:50 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vTaiMpq%2FnzN9Kue32CK3282P%2FNE%2F732eX%2BJq%2BHodISkZs9NMmMxwj2qseUy2RSf1MBU0O0Cn4P%2FzUTb1w5pESdXLGL%2B0beushWTNb%2B67p9%2BDb%2FPTUkQ0XD4oPTuqa%2BbCe1jqP2r8blRCvsnEnXa%2BiBJKkA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.cidadesdomeubrasil.com.br/img/Brazil_3_sports_728x90_BR.gif
cache-control: max-age=3600
cf-ray: 66c6aa0c0afdc290-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b30089b870000c290e0879000000001
expires: Sat, 10 Jul 2021 04:21:50 GMT

GET
H3-29 200 bootstrap.min.css
www.cidadesdomeubrasil.com.br/css/ 115 KB
18 KB 29ms
24ms Stylesheet
text/css 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cidadesdomeubrasil.com.br/css/bootstrap.min.css
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 066b518157c0645441c5536641050b68bdc7db05354c17111e32b3e31d45a0f0

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 34
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy
last-modified: Sat, 02 Mar 2019 02:29:32 GMT
server: cloudflare
etag: W/"9923240-1cafc-583134b285c35-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ACTYotdzPImbtxw1soUMPIXORoNSE5Pm2Jm1yaeiRI82XIOPabHyf03%2BmIMI2%2Ff8oED%2By%2FvERtemebPDYhFvjjBVnmlfdR7S80NDeYidg11bSlB93JQbNwEnh3qsfApIhYFeEsX9tD4bfJ3DaJ%2BmWP2yGS%2BzH9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 66c6aa0c09c94ed9-FRA

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 14ms
12ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 9440192
cdn-cachedat: 2021-03-11 11:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 56c2b46c7a8e813a43f229e1920a3ed4
cf-ray: 66c6aa0bfcb54eb5-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 35ms
14ms Font
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,400italic,500,700,100

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b34f1321f23b0654b46a9b843808724e531a1dcc1e857791577b6ed596f33cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.cidadesdomeubrasil.com.br
Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 01:24:23 GMT
server: ESF
date: Sat, 10 Jul 2021 03:21:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 03:21:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
844 B 36ms
15ms Font
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,800,300,600,700

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5188a8f33fbb436c1cee4016b445aa5680c35ed430c0fe92e78650403bcb509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.cidadesdomeubrasil.com.br
Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 02:10:23 GMT
server: ESF
date: Sat, 10 Jul 2021 03:21:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 03:21:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 356 B
360 B 35ms
15ms Font
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abel

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

966d5583825259f5acafdb1f02024fc2399fac2275e9e796d454a534013f84bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.cidadesdomeubrasil.com.br
Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 02:37:07 GMT
server: ESF
date: Sat, 10 Jul 2021 03:21:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 03:21:50 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 30ms
10ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b30089b9100002bd27886a000000001
last-modified: Wed, 07 Jul 2021 15:32:55 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60e5c927-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jGhFBJ9A9iZY5dU9DzQC7%2Fb8ARFH9wyebDIGB724WKx4mREANivC8QOD3UB5nWCbp0wHEg2e38L7brKviq5UMNGLQNYHYh78J62qpqYPEq7c0Qr8cW0BfRVQ56nu4QFC1HWOkeJPMCw%2FpxJA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 66c6aa0c19242bd2-FRA
expires: Mon, 12 Jul 2021 03:21:50 GMT

GET
H/1.1 200
OK iframe Show response
www.confidencecambio.com.br/widgets-de-cambio/ Frame 9AB6 2 KB
1 KB 880ms
210ms Document
text/html 54.94.210.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencecambio.com.br/widgets-de-cambio/iframe?moedas=29,35,57&titulo=Simulador%20de%20C%C3%A2mbio&tipo-link=partnerize&partnerize-url=https://prf.hn/click/camref:1011ljirQ/creativeref:1101l45971adref:widget

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.94.210.112 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

mail1.confidencecambio.com.br

Software

Resource Hash

c95757e1aa6783796e37ed7d409d3828e765017579664a1addb24a4f774f547b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.confidencecambio.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cidadesdomeubrasil.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

Date: Sat, 10 Jul 2021 03:21:51 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 05 Jul 2021 01:22:18 GMT
ETag: W/"60e25eca-8b7"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Vary: User-Agent
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame C297 14 KB
7 KB 63ms
46ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FCidades-do-meu-Brasil%2F271585396301444&width=292&height=258&show_faces=true&colorscheme=light&stream=false&border_color&header=false

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0adbf5451d0a1fadd4d02849b57bb6dc2520ef42d0ec81d0c2fe7687f88df70a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FCidades-do-meu-Brasil%2F271585396301444&width=292&height=258&show_faces=true&colorscheme=light&stream=false&border_color&header=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: DxqDC4efSk+lU/LmeOWsUIF61IRcVvzUrbx9tXny091gnppdlpe7te13OX3WS3ihwcpOqQzyAQC2T42H05/QcQ==
date: Sat, 10 Jul 2021 03:21:50 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 8ms
5ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

010f26513ba0616c47e83ee808a09f3c18f4d31a4cedeb0ad05caa13c0c02280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GzZnA1ibv6jFAIH85xyZyw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: kV3J2Y9/wR6N5Z3BfO2pwcEeghCUsSY2sV20IR+wCd7aFGvq17aoO2FnRx3n+3l4YWghQfJvcRC6/VNw038q9w==
x-fb-trip-id: 2050670934
x-fb-content-md5: ad62d7978f7db56bd2e24f9586fbfc58
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 10 Jul 2021 03:21:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0ee2311112aaa17b688129add1290ed2"
timing-allow-origin: *
expires: Sat, 10 Jul 2021 03:41:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 21ms
18ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-66877063-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04bbe8394557e5111dbc18bcb4e8649d1066cab568019973c93a42a2f7b07e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36878
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Jul 2021 03:21:50 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 38 KB
12 KB 77ms
32ms Script
application/x-javascript 104.22.53.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd4667051083414e6918c646422069fdd0292fb55aff0e8b807ec4fbb496c09

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 08:51:42 GMT
server: cloudflare
age: 22463
etag: W/"60bf2f9e-9987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 66c6aa0cd8220487-CDG
expires: Sat, 10 Jul 2021 09:07:27 GMT

GET
H3-29 200 api.js Show response
www.google.com/recaptcha/ 850 B
580 B 17ms
15ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b53381303a6bc0505e09d23f4c49c2e48e90493b8b78b9f7372682d0d27ac5e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 559
x-xss-protection: 1; mode=block
expires: Sat, 10 Jul 2021 03:21:50 GMT

GET
H3-29 200 contact.js Show response
www.cidadesdomeubrasil.com.br/js/ 825 B
994 B 13ms
11ms Script
application/javascript 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cidadesdomeubrasil.com.br/js/contact.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d4b646471724fe2c7622d7163dd3a04e8373fec809253a06b2bd91322b2383

Request headers

:path: /js/contact.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33
cf-polished: origSize=1261
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy
last-modified: Sun, 10 May 2020 03:20:34 GMT
server: cloudflare
etag: W/"98b3d5c-4ed-5a542b6a543eb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bffGsclxAQS5VL5cvX8AwShBAMNOoKzVXVE9%2FyA0nNfUQjwB%2FkkiySz6G1pBsmf65D6GDXEHqcJT2AQu%2BLMX669FbqeE8E3yx3c2yZwv1saoNvkp%2FZ5b6UB3F%2FvRf08Vyj%2Bw%2BozTu9KwjcZ9ehfXFf979n9Sk4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 66c6aa0c8a6b4ed9-FRA
cf-bgj: minify

GET
H3-29 200 validator.js Show response
www.cidadesdomeubrasil.com.br/js/ 9 KB
3 KB 16ms
14ms Script
application/javascript 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cidadesdomeubrasil.com.br/js/validator.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa6a4739af4439a3b369f5850f634271761cad57968898a86a422bbe651f4ad

Request headers

:path: /js/validator.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33
cf-polished: origSize=11730
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy
last-modified: Sun, 10 May 2020 03:20:44 GMT
server: cloudflare
etag: W/"98b3d69-2dd2-5a542b73dfdfd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=l4DFyUdN148whqQtas0Acg66nfb8ySyE5EBCHolLWbL6ixvY2fwZR6ALhk1reWdQLWdhGeByg0SVxCDj9JuHqwM1jqReAKGp8K4rXa5kwcriBHL6daT%2FczON0rZNPW6Ub43tjiNgofYFd3ckgDmi35tuBeewqHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 66c6aa0c8a6c4ed9-FRA
cf-bgj: minify

GET
H3-29 200 social.js Show response
www.cidadesdomeubrasil.com.br/js/ 3 KB
1 KB 15ms
13ms Script
application/javascript 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cidadesdomeubrasil.com.br/js/social.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c98a4fb705eeb1aa45aa3187b52dcb648379f0d31aaf8bbc6ade524267326da3

Request headers

:path: /js/social.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy
last-modified: Sat, 02 Mar 2019 02:33:33 GMT
server: cloudflare
etag: W/"99232c0-a57-58313598e5bdd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B7EQog4l0H0%2FXqYTlNWeLf5n%2BYvES7vaH%2BmCps7HCuyDlREZ4S2ErcK2wEH9nlU5sJigfU%2FrDuc8Xb9jKxYfnAEkI3UdFylQxLU7qYLu%2BLtRhYCthrsYYVdlA4U%2Bdh3vBmDP8CDo0KRRnHyoeNd3HyA2aaG%2Bfw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 66c6aa0c8a6d4ed9-FRA
cf-bgj: minify

GET
H3-29 200 validation.js Show response
www.cidadesdomeubrasil.com.br/js/ 25 KB
7 KB 14ms
12ms Script
application/javascript 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cidadesdomeubrasil.com.br/js/validation.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ac98f7ae1c54282cdbdd21b577e75558cbd42cedcd72c8ebc6ce9512e39032

Request headers

:path: /js/validation.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33
cf-polished: origSize=42973
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy
last-modified: Tue, 19 Feb 2013 20:42:54 GMT
server: cloudflare
etag: W/"99232c1-a7dd-4d619e2c60f80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Hj4QO5H%2FTEMkxE5GIg4%2FcMLwPX1JR5OTh0ESbEoJ%2Bca1DK1Irkxee4GudPf4IgeOSHOSKfRRmRzokwOZt%2FlcD2FAVHTk3lWIbRvxt8kSv%2BMU6KvpkTMyNJalvQJRKb4LcOOVEdXs01Hs5FslmCI2pDzjFWWI8jw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 66c6aa0c8a6e4ed9-FRA
cf-bgj: minify

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 139ms
47ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Sat, 10 Jul 2021 03:21:50 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H3-29 200 bootstrap.min.js Show response
www.cidadesdomeubrasil.com.br/js/ 35 KB
10 KB 15ms
13ms Script
application/javascript 2606:4700:3037::ac43:c5fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cidadesdomeubrasil.com.br/js/bootstrap.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c5fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cidadesdomeubrasil.com.br
referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy
last-modified: Tue, 14 Apr 2015 23:34:52 GMT
server: cloudflare
etag: W/"99232b6-8c6f-513b7ad5c3f00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Mlxb8MklCKrMwHxG9rOBJaqcORqtDBvUz28EQYJri0Iqh6BIhQ9IkwP6W6I%2FDBExd9VtrqVI7A%2BF1Nr4YTB5xXPKKVzurHOQey%2B5Qss3fegsDVRwSKaqef3TMDVe%2B8NsfObxsfIDhMz1NPbPgBSYuyIdF2ZRo1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 66c6aa0c8a704ed9-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd140742c354c506c7bb90f383e236b9b6886581b286fa810ebdd27540181846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48619
x-xss-protection: 0
server: cafe
etag: 2461876098917531654
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Jul 2021 03:21:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3064385439319244

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd140742c354c506c7bb90f383e236b9b6886581b286fa810ebdd27540181846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cidadesdomeubrasil.com.br
Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48619
x-xss-protection: 0
server: cafe
etag: 2461876098917531654
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Jul 2021 03:21:50 GMT

GET
H2 200 608be9013ab7ea0f59c580a6584faef7.js Show response
www.travelpayouts.com/widgets/ 7 KB
3 KB 369ms
315ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets/608be9013ab7ea0f59c580a6584faef7.js?v=2093
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: ad4ecaaee5f8f96b64a28263a8bca25f2531d0f78fa690f76dcd484c73dedcec

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
content-encoding: gzip
server: nginx
etag: W/"ad3d6a326db5cfeac97dd2658d96a1aacfdacae0"
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=0
link: </mewtwo/styles.css?v=002>; rel=preload; as=style, </widgets_static/608be9013ab7ea0f59c580a6584faef7.js?v=2093>; rel=preload; as=script
x-request-id: 83a6b7b8d7f18317fd1ec7a3d8ff1731

GET
H2 200 push-notification.js Show response
script.joinads.me/ 1 KB
818 B 31ms
13ms Script
application/javascript 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/push-notification.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39d0fd9943a1069718bb60c51587b8a2b7711d562766565fafd8ac6050e44cdb

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 31029
cf-polished: origSize=1350
cf-bgj: minify
last-modified: Thu, 01 Apr 2021 12:59:38 GMT
server: cloudflare
etag: W/"6065c3ba-546"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w%2FbfiIlv0JB01660B2DxVDqj9MO%2BGrhg3WyKAn2jtm2FLReS1AF7vynS1YKCcYWmTfuPJHkQIlyOxgfSr3Ylhf9EsDRRlcixBwno8oXXEiCMO3u7noaotOgE13CcLXA5qt7nYK1dFc53Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 66c6aa0cad574e25-FRA
expires: Mon, 04 Jul 2022 18:44:41 GMT

GET
H2 200 ads2732.js Show response
script.joinads.me/ 21 KB
5 KB 31ms
14ms Script
application/javascript 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/ads2732.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78dccc17c6aae34a53eedb8eaf364fac37919a1960961705fa20ee8bf80def81

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33
cf-polished: origSize=21932
cf-bgj: minify
last-modified: Thu, 08 Jul 2021 19:15:41 GMT
server: cloudflare
etag: W/"60e74edd-55ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OGiLaQvvpx1ohLLrtVyUKlZZAoPuxm5ozqSDc8MNz%2BDZFzmENIEwQ2vY2eC%2FxN9nOH3RbHAP%2BQkfu%2FFzFxw6nY58DIYmYLeMCR8oBgKO%2FzI%2BanqFlzXaEbLo4e5yiDi2DRUzT1MNsca5YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 66c6aa0cad5a4e25-FRA
expires: Tue, 05 Jul 2022 03:21:17 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 20:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:13:15 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 20ms
16ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.cidadesdomeubrasil.com.br
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 1872867
cdn-cachedat: 2021-06-08 21:28:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 64464
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c132ea8d8ba6b65634d8fd237d4c6f12
accept-ranges: bytes
cf-ray: 66c6aa0c9b57c290-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame D1EC 139 KB
46 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=pt&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

18f37e27d83b099a8e2f574e034874835aec95a932d90a8c202a5a7cc856f56d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:12:46 GMT
content-encoding: gzip
server: mafe
age: 544
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46640
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:42:46 GMT

GET
H3-29 200 BavUA8YcXXX.css
www.facebook.com/rsrc.php/v3/yG/l/0,cross/ Frame C297 25 KB
5 KB 7ms
6ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yG/l/0,cross/BavUA8YcXXX.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FCidades-do-meu-Brasil%2F271585396301444&width=292&height=258&show_faces=true&colorscheme=light&stream=false&border_color&header=false

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd86e74f1fb2ecbdf19c9e23db2f9213001ecc7e40737a562d7b919391fbd4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FCidades-do-meu-Brasil%2F271585396301444&width=292&height=258&show_faces=true&colorscheme=light&stream=false&border_color&header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 18:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Y6OXviEASHykPvz0+BBYYg==
cross-origin-resource-policy: cross-origin
content-length: 5578
x-fb-rlafr: 0
x-fb-debug: Ei8InnG+h/v6Ra9WPIqBkg3Qq1hxKebeX7Eychuu6pgvR5ndAa3dQjJZcVyUwuXrxM9P7cn6D9L7CNqwyrVzSQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 09 Jul 2022 18:00:22 GMT

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/45/5/intl/pt_ALL/ Frame D1EC 236 KB
66 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/45/5/intl/pt_ALL/init_embed.js

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401f27c1231fa2c6521f3ef34c35501129f9a1b80431acd133b086ca97a44dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 18:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67359
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 01:12:49 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 18:22:02 GMT

GET
H3-29 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/ Frame D1EC 90 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=pt&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfea56ae43b4bf295f24053fb772a67c26e1a7e40f4c54af80552f063c7416c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33340
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 01:13:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 14:35:46 GMT

GET
H3-29 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/ Frame D1EC 287 KB
88 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=pt&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1492fc36bdc0b0ea67d7e32fdd81b4c7814610865b1a7eaad9a1d62da188947e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89930
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 01:13:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 00:35:45 GMT

GET
H3-29 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/ Frame D1EC 60 KB
60 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=pt&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f9512ae57b104255fac5d1443ea3a9c89e9c1ec1c3fcef5d2571fb41149aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 18:43:25 GMT
vary: Accept-Encoding, Origin
last-modified: Tue, 29 Jun 2021 01:13:07 GMT
server: sffe
x-content-type-options: nosniff
age: 290306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61121
x-xss-protection: 0
expires: Wed, 06 Jul 2022 18:43:25 GMT

GET
H3-29 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/ Frame D1EC 4 KB
4 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=pt&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bd35cc4401a0578e841358a217037ef301fc9e13b24283f3aea8c1531a7b127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 02:23:07 GMT
vary: Accept-Encoding, Origin
last-modified: Tue, 29 Jun 2021 01:13:07 GMT
server: sffe
x-content-type-options: nosniff
age: 349124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3689
x-xss-protection: 0
expires: Wed, 06 Jul 2022 02:23:07 GMT

GET
H3-29 200 google4.png
maps.gstatic.com/mapfiles/embed/images/ Frame D1EC 2 KB
2 KB 28ms
14ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/embed/images/google4.png

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:51 GMT

GET
H3-29 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame D1EC 326 B
348 B 14ms
14ms Image
image/bmp 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:51 GMT

GET
H3-29 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/ Frame D1EC 25 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=pt&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7523c6178bc8af066c135d6dfb7191d269d486581c0032fefa46f8278a45a6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 20:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 370237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9417
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 01:13:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 20:31:14 GMT

GET
H3-29 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame D1EC 26 KB
3 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-26.517064019811134&2d-53.07101493097307&2m2&1d-26.374127315826758&2d-52.591485343412586&2u13&4spt&5e3&6sm%40563000000&7b0&8e0&11e289&12e2&callback=_xdc_._d9wygu&client=google-maps-embed&token=61486

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

2b90695fcb7d616d9614711b7425564093d426acb6f38ea9a6122fc355054d7c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:51 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=14
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame D1EC 5 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-26.52019939111626&2d-52.90957327431299&2m2&1d-26.375356864491067&2d-52.750713728982134&2u10&4spt&5e0&6sm%40563000000&7b0&8e0&11e289&12e2&callback=_xdc_._rmhdjr&client=google-maps-embed&token=35744

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

ecaea3a98a7bcc09c7b092a3263675f0360dd07db27b6550d1c80cf71488592f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:51 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1208
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 13 KB
13 KB 30ms
29ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i10!2i361!3i590!4i256!2m3!1e0!2sm!3i563288212!3m17!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmx8cC52Om9mZg!4e0&client=google-maps-embed&token=96317

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

732b8383e938e3c1cd52ad1b39ed9d8649ca3a5c9acd67fc55a237064ccb2a26

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13603
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 17 KB
17 KB 57ms
57ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i10!2i361!3i589!4i256!2m3!1e0!2sm!3i563288212!3m17!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmx8cC52Om9mZg!4e0&client=google-maps-embed&token=110646

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

9433e12c60d527ae1ca8a4b35cb20ed5047b10685a15fe9b1c64f753cc704b22

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=49
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17072
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H3-29 200 vt Show response
www.google.com/maps/ Frame D1EC 119 B
110 B 24ms
24ms XHR
application/json 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/vt?pb=!1m4!1m3!1i10!2i361!3i589!1m4!1m3!1i10!2i361!3i590!2m3!1e0!2sm!3i563288296!3m17!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmx8cC52Om9mZg!4e3!12m1!5b1&client=google-maps-embed&token=110686

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/util.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

387a24eba1d0ec72de48c07da1e702c82ec6d21dbf50bc3fd0c70d34534117f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
server-timing: gfet4t7; dur=19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: private, max-age=22222222
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Sat, 10 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt Show response
www.google.com/maps/ Frame D1EC 3 KB
658 B 29ms
29ms XHR
application/json 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/vt?pb=!1m4!1m3!1i13!2i2891!3i4719!1m4!1m3!1i13!2i2892!3i4719!1m4!1m3!1i13!2i2893!3i4719!1m4!1m3!1i13!2i2894!3i4719!1m4!1m3!1i13!2i2895!3i4719!1m4!1m3!1i13!2i2891!3i4720!1m4!1m3!1i13!2i2891!3i4721!1m4!1m3!1i13!2i2892!3i4720!1m4!1m3!1i13!2i2892!3i4721!1m4!1m3!1i13!2i2893!3i4720!1m4!1m3!1i13!2i2893!3i4721!1m4!1m3!1i13!2i2894!3i4720!1m4!1m3!1i13!2i2894!3i4721!1m4!1m3!1i13!2i2895!3i4720!1m4!1m3!1i13!2i2895!3i4721!2m3!1e0!2sm!3i563288452!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1&client=google-maps-embed&token=27105

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/util.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

1cc789bb41a456c0cf7803309faa9335baccc4ec281468f9db3de37eab21799c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
server-timing: gfet4t7; dur=23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 633
x-xss-protection: 0
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: private, max-age=22222222
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Sat, 10 Jul 2021 03:21:51 GMT

GET
H2 200 kh
khms1.googleapis.com/ Frame D1EC 16 KB
16 KB 106ms
76ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms1.googleapis.com/kh?v=904&hl=pt&x=2893&y=4720&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

821250767bd50524ed67253ee376cdf68171e1ae23439b99feee338bd330e023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=70
vary: Origin
content-length: 16080
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 2 KB
2 KB 24ms
19ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2893!3i4720!4i256!2m3!1e0!2sm!3i563287324!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=100712

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

ba5778135c0d9d70f2b481f1f97fc2931aa772070653326bb4fc1cfa8caf52a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1664
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms0.googleapis.com/ Frame D1EC 15 KB
15 KB 200ms
170ms Image
image/jpeg 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms0.googleapis.com/kh?v=904&hl=pt&x=2892&y=4720&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

ad44ef6451353b0c8f82201b360e7f26081ae82976d23b7e2b5aa3cb598a1404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=164
vary: Origin
content-length: 15286
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 191 B
215 B 30ms
24ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2892!3i4720!4i256!2m3!1e0!2sm!3i563287324!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=18413

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

4b9278d6c532856fe45e8d1d89f6dd05a3c5a58117af23468143437ec6796225

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms0.googleapis.com/ Frame D1EC 16 KB
16 KB 170ms
140ms Image
image/jpeg 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms0.googleapis.com/kh?v=904&hl=pt&x=2892&y=4719&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

8a8b7a584816c18bde614bf83972afca3c729e0838d264a8808ad131e1008cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=135
vary: Origin
content-length: 16806
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 3 KB
3 KB 36ms
31ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2892!3i4719!4i256!2m3!1e0!2sm!3i563288440!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=94754

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

fee2e6a6d1da0c81720666bad60f56e963168d93bbf9defb07fd8cceb68bacce

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2787
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms1.googleapis.com/ Frame D1EC 17 KB
17 KB 90ms
61ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms1.googleapis.com/kh?v=904&hl=pt&x=2893&y=4719&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

cbcd4116f12539e1e298f25b8b48c1364fa427460f76e7e98f5b9cc84f9bb045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=55
vary: Origin
content-length: 17454
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 1 KB
1 KB 38ms
33ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2893!3i4719!4i256!2m3!1e0!2sm!3i563288440!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=45982

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

307870ffa14933218396c5b286cfcdfdf82d2c086a6683f1d5eee0e3474f8b78

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=25
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1135
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms0.googleapis.com/ Frame D1EC 17 KB
17 KB 160ms
131ms Image
image/jpeg 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms0.googleapis.com/kh?v=904&hl=pt&x=2894&y=4719&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

a5fbcee8b913220df7e5e701d1dba54f06aabe3394fa2b7fd950f65f44e653e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=125
vary: Origin
content-length: 17000
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 2 KB
2 KB 34ms
28ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2894!3i4719!4i256!2m3!1e0!2sm!3i563288440!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=128281

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

1911f0c9e8166e98871232d515bd1348dc8004dec5ad139f96bb4a623b4cea88

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1780
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms0.googleapis.com/ Frame D1EC 16 KB
16 KB 190ms
162ms Image
image/jpeg 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms0.googleapis.com/kh?v=904&hl=pt&x=2894&y=4720&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e25b2a3ae03d6577d99ac134cf69470643cf1f82070381369cee1f165e7481f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=156
vary: Origin
content-length: 16606
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 804 B
828 B 31ms
26ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2894!3i4720!4i256!2m3!1e0!2sm!3i563287324!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=51940

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

2a7cda1b9885b1dc864fe64017c2b274814357246160b7c491bcb0c1454abe8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 804
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms0.googleapis.com/ Frame D1EC 17 KB
17 KB 196ms
168ms Image
image/jpeg 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms0.googleapis.com/kh?v=904&hl=pt&x=2894&y=4721&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

f5027ece6fa5082e3668404f1ed69b8883b51b3e03cb43d2f98370c0b8629dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=162
vary: Origin
content-length: 17008
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 2 KB
2 KB 34ms
29ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2894!3i4721!4i256!2m3!1e0!2sm!3i563287324!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=129358

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

2fbae60bd2c5fed95215cf55c261f3600de7d533c123377547a1273475255e51

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1941
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms1.googleapis.com/ Frame D1EC 16 KB
16 KB 102ms
75ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms1.googleapis.com/kh?v=904&hl=pt&x=2893&y=4721&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

6d0e83e2b334f34aafcbb4fc618c336353f980a10ce712202cc1a71b8d153f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=69
vary: Origin
content-length: 16414
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 1 KB
2 KB 32ms
27ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2893!3i4721!4i256!2m3!1e0!2sm!3i563287324!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=47059

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

426abaacef5963d5c7868178ef4e7e062cad87f793f3fb18ced0fca05937febf

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms0.googleapis.com/ Frame D1EC 15 KB
15 KB 199ms
171ms Image
image/jpeg 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms0.googleapis.com/kh?v=904&hl=pt&x=2892&y=4721&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

18ca32a214b6a47e363f7b40179f34d9d8c2de0fb3545315d0241a0713bc08e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=164
vary: Origin
content-length: 15660
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 1 KB
1 KB 34ms
29ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2892!3i4721!4i256!2m3!1e0!2sm!3i563287324!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=95831

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

1dad2ea3fa922940fcb1bf197555c4d4e11f39bdf5a1cbcc500b1891e55fb14b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms1.googleapis.com/ Frame D1EC 15 KB
15 KB 144ms
117ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms1.googleapis.com/kh?v=904&hl=pt&x=2891&y=4721&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

c3ab0e3b33d9d8629c5d476b3b1a50b751c6fa8cf19192382ec623ccb8faeec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=111
vary: Origin
content-length: 15280
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 1 KB
1 KB 34ms
29ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2891!3i4721!4i256!2m3!1e0!2sm!3i563288452!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=17605

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

e71d0a022f57311929fb9ed766c263631d49919e64c85326aeedc9a11c613101

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1190
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms1.googleapis.com/ Frame D1EC 16 KB
16 KB 102ms
102ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms1.googleapis.com/kh?v=904&hl=pt&x=2891&y=4720&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

96aacb896bfb0120ff20bf9c7f4ac233cadd0da2da9cc0d45ffba5b0cb228fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=96
vary: Origin
content-length: 16017
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 739 B
763 B 36ms
31ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2891!3i4720!4i256!2m3!1e0!2sm!3i563288452!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=71258

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

33a6e8e90248fa8f50908bb96043603e1ff9f87099532e342c611100818dfb46

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 739
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms1.googleapis.com/ Frame D1EC 15 KB
16 KB 114ms
113ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms1.googleapis.com/kh?v=904&hl=pt&x=2891&y=4719&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

022968a324e32bedab30714b0884debe6a10258ce97a1edb8897283d0aa848ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=107
vary: Origin
content-length: 15862
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 3 KB
3 KB 34ms
30ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2891!3i4719!4i256!2m3!1e0!2sm!3i563288452!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=80434

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

90285159d99fd521affa03a3d6a6623343cdd8364f9e9d029a316cc7486c402a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2597
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms1.googleapis.com/ Frame D1EC 16 KB
16 KB 77ms
76ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms1.googleapis.com/kh?v=904&hl=pt&x=2895&y=4719&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

43e36249e360515a38cfc9b02e137404deeb30fd9c36bf6a34f69b108a36e839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=68
vary: Origin
content-length: 16181
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 1 KB
1 KB 33ms
28ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2895!3i4719!4i256!2m3!1e0!2sm!3i563287288!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=42565

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

433d4360b965818dbc575bf820d459881c6ddff7be1a5b7c84fbbd31d06b6755

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1287
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms1.googleapis.com/ Frame D1EC 14 KB
14 KB 140ms
140ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms1.googleapis.com/kh?v=904&hl=pt&x=2895&y=4720&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

6e1003dd31684349e0d97d9f8e03f7578af1755a2e5dc386a15f10ef6805d868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=134
vary: Origin
content-length: 14739
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 191 B
215 B 31ms
26ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2895!3i4720!4i256!2m3!1e0!2sm!3i563287288!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=33389

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

4b9278d6c532856fe45e8d1d89f6dd05a3c5a58117af23468143437ec6796225

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 kh
khms1.googleapis.com/ Frame D1EC 15 KB
15 KB 141ms
140ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms1.googleapis.com/kh?v=904&hl=pt&x=2895&y=4721&z=13

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

09122f2fbd64bca8a77e3d6e1244dae9e4353dd7151484b8125b2d6252695c0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
access-control-allow-credentials: true
server-timing: gfet4t7; dur=134
vary: Origin
content-length: 15692
x-xss-protection: 0
expires: Sun, 11 Jul 2021 03:21:51 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame D1EC 191 B
215 B 33ms
29ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i13!2i2895!3i4721!4i256!2m3!1e0!2sm!3i563287288!3m12!2spt!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmapSatellite!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=110807

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

4b9278d6c532856fe45e8d1d89f6dd05a3c5a58117af23468143437ec6796225

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?origin=mfe&pb=!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0
expires: Thu, 24 Mar 2022 08:12:13 GMT

GET
H2 200 styles.css
www.travelpayouts.com/mewtwo/ 169 KB
12 KB 16ms
0ms Stylesheet
text/css 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f90ca8086e3a8827af8a77f407a2a9533d6c507b22c369f8741b6b83133db66

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 12:01:12 GMT
server: nginx
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=600
content-length: 12051

GET
H2 200 608be9013ab7ea0f59c580a6584faef7.js Show response
www.travelpayouts.com/widgets_static/ 317 KB
62 KB 23ms
0ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets_static/608be9013ab7ea0f59c580a6584faef7.js?v=2093
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: fc7a34d9649e1ef0f17a6fd80b90bfb4575f47aaac8e257f23deebea53c3e52c

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:51 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 11:26:28 GMT
server: nginx
etag: W/"5fe08664-4f2c6"
content-type: application/javascript; charset=utf-8

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame D1EC 62 B
83 B 14ms
14ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%3Forigin%3Dmfe%26pb%3D!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt&2sgoogle-maps-embed&callback=_xdc_._1w48df&client=google-maps-embed&token=73166

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e8cfa5abd83b58ff66423b3a04e94a9dcf0a2beca8ad2dbad90f395ed7497ef7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:51 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame D1EC 62 B
83 B 16ms
16ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%3Forigin%3Dmfe%26pb%3D!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt&2sgoogle-maps-embed&7sx7bqlb&10e1&callback=_xdc_._73hyfa&client=google-maps-embed&token=73079

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

78fa740b517c49d5ae7a5661324e5e3f0ae0cdc686602342ae96f0bf1961e500

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:51 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/ Frame D1EC 91 KB
27 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=pt&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c8c497862985eceb10e1b15204723018ea888199f13e30f28191379c2355c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 11:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28082
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 01:13:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 11:57:18 GMT

GET
H3-29 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame D1EC 62 B
83 B 16ms
16ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%3Forigin%3Dmfe%26pb%3D!1m11!1m8!1m3!1d57155.933450511926!2d-52.83128!3d-26.4478!3m2!1i1024!2i768!4f13.1!5e1!6i13!3m1!1spt!5m1!1spt&2sgoogle-maps-embed&7sx7bqp1&10e1&callback=_xdc_._o3k14q&client=google-maps-embed&token=39646

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

fb4775089ecb485af391046549d2e1f25587e295fd814a61ae7c2c1fba03191c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:51 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame D1EC 302 B
285 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/util.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f33db46e0e9c76a6349531a5e9d38eb2ac889a55a2e22e8e8ba5039cb5bbd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 03:16:55 GMT
server: ESF
date: Sat, 10 Jul 2021 03:21:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 03:21:51 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame D1EC 14 KB
1014 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/5/intl/pt_ALL/util.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e9b05e5c8c113f2f1455100df8c7672b9da25c21ab5cdafe2ed64867e54ad10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 03:18:13 GMT
server: ESF
date: Sat, 10 Jul 2021 03:21:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 03:21:51 GMT

GET
DATA 200
OK truncated
/ Frame D1EC 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D1EC 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745cd249aa9496dd24c88ae597827d4e82ea76e53eeb890fb85ce2a56a4863d8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D1EC 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D1EC 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D1EC 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D1EC 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D1EC 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D1EC 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame D1EC 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 332973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:52:18 GMT

GET
H/1.1 200
OK main.9fe93f57.chunk.css
www.confidencecambio.com.br/widgets-de-cambio/iframe/static/css/ Frame 9AB6 1 MB
816 KB 208ms
207ms Stylesheet
text/css 54.94.210.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/css/main.9fe93f57.chunk.css

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe?moedas=29,35,57&titulo=Simulador%20de%20C%C3%A2mbio&tipo-link=partnerize&partnerize-url=https://prf.hn/click/camref:1011ljirQ/creativeref:1101l45971adref:widget

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.94.210.112 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

mail1.confidencecambio.com.br

Software

Resource Hash

cd4a1945959373df60660d935adc75dd48f6eaf4f442c4d7abae6ba90827a971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.confidencecambio.com.br/widgets-de-cambio/iframe?moedas=29,35,57&titulo=Simulador%20de%20C%C3%A2mbio&tipo-link=partnerize&partnerize-url=https://prf.hn/click/camref:1011ljirQ/creativeref:1101l45971adref:widget
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 03:21:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Jul 2021 01:22:18 GMT
ETag: W/"60e25eca-11267e"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=300
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=15, max=99
Expires: Sat, 10 Jul 2021 03:26:51 GMT

GET
H/1.1 200
OK 2.519f1a0a.chunk.js Show response
www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/ Frame 9AB6 2 MB
802 KB 627ms
219ms Script
application/javascript 54.94.210.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/2.519f1a0a.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.94.210.112 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

mail1.confidencecambio.com.br

Software

Resource Hash

14522f456985c573b657c454560d83db2e7dac42716d420cfe9e7094090b3ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.confidencecambio.com.br/widgets-de-cambio/iframe?moedas=29,35,57&titulo=Simulador%20de%20C%C3%A2mbio&tipo-link=partnerize&partnerize-url=https://prf.hn/click/camref:1011ljirQ/creativeref:1101l45971adref:widget
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 03:21:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Jul 2021 01:22:18 GMT
ETag: "60e25eca-182f26"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Cache-Control: max-age=300
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=15, max=100
Expires: Sat, 10 Jul 2021 03:26:52 GMT

GET
H/1.1 200
OK main.8cb7404d.chunk.js Show response
www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/ Frame 9AB6 45 KB
12 KB 633ms
215ms Script
application/javascript 54.94.210.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/main.8cb7404d.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.94.210.112 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

mail1.confidencecambio.com.br

Software

Resource Hash

0b4b219ae6070f4d43d7dce59917096e1aeda2de69480c7b3ddf64799554ebfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.confidencecambio.com.br/widgets-de-cambio/iframe?moedas=29,35,57&titulo=Simulador%20de%20C%C3%A2mbio&tipo-link=partnerize&partnerize-url=https://prf.hn/click/camref:1011ljirQ/creativeref:1101l45971adref:widget
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 03:21:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Jul 2021 01:22:18 GMT
ETag: "60e25eca-b384"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Cache-Control: max-age=300
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Length: 11409
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=15, max=100
Expires: Sat, 10 Jul 2021 03:26:52 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9AB6 2 KB
540 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato|Ubuntu&display=swap

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/css/main.9fe93f57.chunk.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c8ea1db2ee81ff3ac3de6a2c22eb8d1ad49e7c2fa11fd49bfa95f3d8c8a98f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.confidencecambio.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 03:21:52 GMT
server: ESF
date: Sat, 10 Jul 2021 03:21:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 03:21:52 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9AB6 2 KB
426 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,900&display=swap

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/css/main.9fe93f57.chunk.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b217e1110eb30ab95f4650617bdd136996ad9547f5bacfada3c6704874a6e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.confidencecambio.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 03:10:46 GMT
server: ESF
date: Sat, 10 Jul 2021 03:21:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 03:21:52 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9AB6 4 KB
566 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=swap

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/css/main.9fe93f57.chunk.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1498880ff28e0ff18146cad873b5939c151368f6bffd83f5656b97741dbc07b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.confidencecambio.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 03:05:49 GMT
server: ESF
date: Sat, 10 Jul 2021 03:21:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 03:21:52 GMT

OPTIONS
H2 200 cidades
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/ Frame 0
0 615ms
207ms Preflight
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/cidades?cidade=S%C3%A3o%20Paulo
Protocol: H2
Server: 54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-233-92-4.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth
Origin: https://www.confidencecambio.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 407ed3ce-9b1d-4f3b-acd0-394ea8dfb0c8
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,auth,agent-id
x-amz-apigw-id: CO_M0FOkmjQFgqw=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-expose-headers: agent-id

GET
H/1.1 200
OK logo.c9ef9dbd.svg
www.confidencecambio.com.br/widgets-de-cambio/iframe/static/media/ Frame 9AB6 13 KB
5 KB 205ms
204ms Image
image/svg+xml 54.94.210.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/media/logo.c9ef9dbd.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.94.210.112 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

mail1.confidencecambio.com.br

Software

Resource Hash

814b03088e76da2284b3da0dc507c9128f024a958d54eb187149df085d0f0149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.confidencecambio.com.br/widgets-de-cambio/iframe?moedas=29,35,57&titulo=Simulador%20de%20C%C3%A2mbio&tipo-link=partnerize&partnerize-url=https://prf.hn/click/camref:1011ljirQ/creativeref:1101l45971adref:widget
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 03:21:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Jul 2021 01:22:18 GMT
ETag: "60e25eca-3537"
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 4900
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_drop.8025de91.svg
www.confidencecambio.com.br/widgets-de-cambio/iframe/static/media/ Frame 9AB6 391 B
696 B 205ms
205ms Image
image/svg+xml 54.94.210.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/media/icon_drop.8025de91.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.94.210.112 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

mail1.confidencecambio.com.br

Software

Resource Hash

a27cbfc2213236a7d92860429dbbf1eede2002978cb1353c77716126eff0ac2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.confidencecambio.com.br/widgets-de-cambio/iframe?moedas=29,35,57&titulo=Simulador%20de%20C%C3%A2mbio&tipo-link=partnerize&partnerize-url=https://prf.hn/click/camref:1011ljirQ/creativeref:1101l45971adref:widget
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 03:21:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Jul 2021 01:22:18 GMT
ETag: "60e25eca-187"
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 275
X-XSS-Protection: 1; mode=block

GET
H2 200 cidades Show response
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/ Frame 9AB6 302 B
917 B 275ms
275ms XHR
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/cidades?cidade=S%C3%A3o%20Paulo

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/2.519f1a0a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-233-92-4.sa-east-1.compute.amazonaws.com

Software

Resource Hash

e0774d23cf392d1cddade29911104cef31c88233d58c4451f7cc001ddf102c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.confidencecambio.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
auth: $2y$12$M4fgZx/W7r9yRWtkqZ7yx.cBlfZjRgvGzVmwOXrUEBiA8BMCn88Bq

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
x-content-type-options: nosniff
x-amzn-remapped-content-length: 302
x-amzn-remapped-date: Sat, 10 Jul 2021 03:21:54 GMT
x-amzn-requestid: 6ccb5ab3-5165-48e1-a975-fa655b1aba54
x-amz-apigw-id: CO_M2El6mjQFgKQ=
content-length: 302
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
access-control-max-age: 3600
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: *
x-amzn-remapped-server
x-amzn-remapped-connection: close
expires: 0

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 9AB6 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Ubuntu&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.confidencecambio.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 05:37:01 GMT
x-content-type-options: nosniff
age: 337492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:37:01 GMT

GET
H3-29 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 9AB6 22 KB
22 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.confidencecambio.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:01:03 GMT
x-content-type-options: nosniff
age: 357650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:01:03 GMT

GET
H3-29 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame 9AB6 33 KB
33 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Ubuntu&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.confidencecambio.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:32:38 GMT
x-content-type-options: nosniff
age: 352155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:32:38 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/ 240 KB
89 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064385439319244&plah=www.cidadesdomeubrasil.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91202
x-xss-protection: 0
server: cafe
etag: 7944902488587866712
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Jul 2021 03:21:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/ Frame 41F8 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210701/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Jul 2021 22:29:07 GMT
expires: Fri, 23 Jul 2021 22:29:07 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 17566
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd140742c354c506c7bb90f383e236b9b6886581b286fa810ebdd27540181846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48619
x-xss-protection: 0
server: cafe
etag: 2461876098917531654
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Jul 2021 03:21:53 GMT

GET
H2

200

j.gif
avsplow.com/a/
Redirect Chain

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2...
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22608be9013ab7ea0f59c580a6584faef7%22,%22trace_...

43 B
388 B

27ms
25ms

Image
image/gif

185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22608be9013ab7ea0f59c580a6584faef7%22,%22trace_id%22:%22Zzd51e76ef66a14bb4bea4e12-161378%22,%22promo_id%22:%224239%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 43

Redirect headers

date: Sat, 10 Jul 2021 03:21:53 GMT
server: nginx
location: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22608be9013ab7ea0f59c580a6584faef7%22,%22trace_id%22:%22Zzd51e76ef66a14bb4bea4e12-161378%22,%22promo_id%22:%224239%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0

GET
H2 200 sp.js Show response
st.avsplow.com/19.18.9/ 42 KB
14 KB 34ms
18ms Script
application/javascript 2606:4700:20::681a:677
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.avsplow.com/19.18.9/sp.js
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/608be9013ab7ea0f59c580a6584faef7.js?v=2093
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:677 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953af01affd97621869fdb141a98da9fd0e2a1417ae0e3f27c0c3cd49032f5af

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Nov 2020 04:17:16 GMT
server: cloudflare
age: 10505
etag: W/"5fb0abcc-a686"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HlIiF0O%2Fn8cw3hK9OM5zA5FILB97d17gPaqNQvkbO%2BUKaP%2FNLD%2FuZbOduh6VtPmru0FQC1STqGmdKlVpIXXSurStZG1mN730KmsZm0EAkCNQArtiarUpUWoGh5xC2QS%2BwO4U0S4ysg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c6aa1e384f4ec8-FRA
expires: Sat, 10 Jul 2021 04:26:48 GMT

GET
H2 200 whereami Show response
www.travelpayouts.com/ 130 B
303 B 49ms
49ms Script
text/plain 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/whereami?locale=pt_BR&callback=mewtwoForms.geoIPSetter.lang_pt_BR
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/608be9013ab7ea0f59c580a6584faef7.js?v=2093
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 5eada88b2579d5a38393f58cfd7bea6f8386c3baad4103471e1b098a736daf39

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Jul 2021 03:21:53 GMT
context-type: application/x-javascript; charset=utf-8
server: nginx
content-length: 130
x-request-id: e51474e3418d94c38343c3c9fd643895
content-type: text/plain; charset=utf-8

GET
H3-29 200 cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cidadesdomeubrasil.com.br
Referer: https://www.travelpayouts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:47:39 GMT
x-content-type-options: nosniff
age: 333254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:47:39 GMT

GET
DATA 200
OK truncated
/ 635 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd338f829b37a85daaccdfd14453413263221708c477ff625bd998a16c7482f8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd67ee7ca8d8e8492d61c34033243e78d6f478551aaba5ee30367cc47c53f4e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 129 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aba1186b73911d9422fbdef504b34963dc896c16c53daacb94c06d304b3653c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f16e1cb28067e3d13d953e07794d6b724aa73a2965e68ea7373259c1b8ec5dbf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cidadesdomeubrasil.com.br
Referer: https://www.travelpayouts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 02:41:33 GMT
x-content-type-options: nosniff
age: 348020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10328
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 02:41:33 GMT

GET
H2 200 tp_white.png
www.travelpayouts.com/powered_by/img/ 4 KB
4 KB 48ms
48ms Image
image/png 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelpayouts.com/powered_by/img/tp_white.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 69e3cc6ecc85577ba972970520d0a4abc0c253ad2b714ac4ed0429025bf959ba

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
last-modified: Fri, 28 May 2021 07:47:24 GMT
server: nginx
accept-ranges: bytes
etag: "60b0a00c-107d"
content-length: 4221
content-type: image/png

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 73ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=53090
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
666 B 38ms
15ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.cidadesdomeubrasil.com.br&callback=_gfp_s_&client=ca-pub-3064385439319244

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064385439319244&plah=www.cidadesdomeubrasil.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

8ef0511010576851872bfece2d54ac4966c569b7cb7302b339453f6e3a3fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
13ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cidadesdomeubrasil.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cidadesdomeubrasil.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C83C 14 KB
1 KB 98ms
97ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&adk=1812271804&adf=3025194257&lmt=1625887313&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313557&bpp=3&bdt=2852&idt=206&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8214577081489&frm=20&pv=2&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee2fbe0a1c5c5a427598a86fc8b061de7e6e6675f3e1c19a808c0d85b5539dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&adk=1812271804&adf=3025194257&lmt=1625887313&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313557&bpp=3&bdt=2852&idt=206&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8214577081489&frm=20&pv=2&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:53 GMT
server: cafe
content-length: 1058
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 03:36:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 03:21:53 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830134516437"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27897
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:53 GMT

POST
H2 200 j
avsplow.com/a/ 2 B
347 B 1050ms
1050ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.cidadesdomeubrasil.com.br
date: Sat, 10 Jul 2021 03:21:54 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

POST
H2 200 j
avsplow.com/a/ 2 B
347 B 28ms
28ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.cidadesdomeubrasil.com.br
date: Sat, 10 Jul 2021 03:21:53 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B90A 436 B
234 B 120ms
120ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=90&slotname=9119378610&adk=4157693590&adf=1383187424&pi=t.ma~as.9119378610&w=728&lmt=1625887313&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313575&bpp=1&bdt=2870&idt=236&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=388&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ycVU8qR4we&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=240

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af8a5195147a1d810e1f51d7a70a35f25d351013d8e7c5d5049a164cd471ea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=90&slotname=9119378610&adk=4157693590&adf=1383187424&pi=t.ma~as.9119378610&w=728&lmt=1625887313&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313575&bpp=1&bdt=2870&idt=236&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=388&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ycVU8qR4we&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=240
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:53 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 03:36:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 03:21:53 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 294E 436 B
235 B 104ms
104ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=3130314307&adf=3677727824&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313577&bpp=1&bdt=2872&idt=246&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=292&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dHzeZUgcPk&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=248

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c24cc889553f5aab2f690d53a52bfa7c65d57f3fc7053278b933ca3523865c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=3130314307&adf=3677727824&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313577&bpp=1&bdt=2872&idt=246&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=292&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dHzeZUgcPk&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=248
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:53 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 03:36:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 03:21:53 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7DC9 436 B
235 B 109ms
109ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3947194937&adf=1087937930&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313578&bpp=1&bdt=2874&idt=256&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QmLCTSO3P7&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=258

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b646254c38519b4d5de682f9ac8ba2871e87f8a4e2941b7c991245796af87f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3947194937&adf=1087937930&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313578&bpp=1&bdt=2874&idt=256&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QmLCTSO3P7&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=258
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:53 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 03:36:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 03:21:53 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cidadesdomeubrasil.com.br

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
20ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cidadesdomeubrasil.com.br

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB16 436 B
236 B 127ms
127ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=200&slotname=1775434107&adk=1558114524&adf=662687453&pi=t.ma~as.1775434107&w=920&fwrn=4&lmt=1625887313&rafmt=11&psa=0&format=920x200&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313578&bpp=1&bdt=2873&idt=279&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=292&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=UYXDUAbGp8&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=283

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90ae02b9cb1f71c8a81d7a4144030b14c41dc35032c88f1f77077ca49057f046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=200&slotname=1775434107&adk=1558114524&adf=662687453&pi=t.ma~as.1775434107&w=920&fwrn=4&lmt=1625887313&rafmt=11&psa=0&format=920x200&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313578&bpp=1&bdt=2873&idt=279&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=292&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=UYXDUAbGp8&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=283
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:53 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 03:36:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 03:21:53 GMT
cache-control: private

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 341 KB
133 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cidadesdomeubrasil.com.br
Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 20:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 20:50:27 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 60E5 436 B
235 B 115ms
114ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=200&slotname=1775434107&adk=2844375598&adf=4294484034&pi=t.ma~as.1775434107&w=940&fwrn=4&lmt=1625887313&rafmt=11&psa=0&format=940x200&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313580&bpp=1&bdt=2875&idt=287&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=2776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=Pokf3BPrJN&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=290

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feaa469fe4eec30dea7fee1f7123821a7c45404a6e6df4202e733b2dd87265b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=200&slotname=1775434107&adk=2844375598&adf=4294484034&pi=t.ma~as.1775434107&w=940&fwrn=4&lmt=1625887313&rafmt=11&psa=0&format=940x200&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313580&bpp=1&bdt=2875&idt=287&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=2776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=Pokf3BPrJN&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=290
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:53 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 03:36:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 03:21:53 GMT
cache-control: private

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
492 B 166ms
165ms XHR
application/json 104.22.53.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=8601283&u1=E067050239394FF45A98E21B9A5C3FCD&java=1&security=a5c89b79&sc_snum=1&sess=8987a3&p=0&rcat=d&rdom=d&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.cidadesdomeubrasil.com.br/sc/novo_horizonte&t=Tudo%20sobre%20o%20munic%C3%ADpio%20de%20Novo%20Horizonte%20-%20Estado%20de%20Santa%20Catarina%20%7C%20Cidades%20do%20Meu%20Brasil&invisible=1&sc_rum_e_s=5973&sc_rum_e_e=5976&sc_rum_f_s=0&sc_rum_f_e=2982&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 66c6aa1fcdfd0487-CDG
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.cidadesdomeubrasil.com.br
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4dee370d58e4346c/ 2 KB
812 B 52ms
51ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4dee370d58e4346c/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c986e944563550b0e775551e4d18fa43ca0e0eccd97593a36f80b38635c7b0d4

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
etag: 524190373--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=27, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 637

GET
H3-29 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.3.1/ 20 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-app.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aade4473b4c7427f41a5b3aeacddf7a2e3532f2b7fece88a77644ec0e27d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 02:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6586
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 02:57:45 GMT

GET
H3-29 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.3.1/ 35 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-analytics.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bda00a5ec63e26748b9f40cf1356b3823db279199d74813874255c748657d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 07:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10746
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:43:18 GMT

GET
H3-29 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/8.3.1/ 173 KB
56 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-auth.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 05:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56866
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 05:08:04 GMT

GET
H3-29 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/8.3.1/ 320 KB
320 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-firestore.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d73b123cd2ef3afda65cb6e76579341b1bb1f27faddb0dfc54875e7a05b0114b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:07:37 GMT
vary: Accept-Encoding
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
x-content-type-options: nosniff
age: 353656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327420
x-xss-protection: 0
expires: Wed, 06 Jul 2022 01:07:37 GMT

GET
H3-29 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.3.1/ 40 KB
11 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-messaging.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5243470d2be31f9aaf768f030f06b894aad081801460b75f6b396aca06fd8dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 21:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10884
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 21:29:19 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ 68 KB
24 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/ads2732.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b01f1d4f25f792a5aeaf377e16c55ac53a94ea3e5696d98ee6de29e74934d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "926 / 929 of 1000 / last-modified: 1625868492"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24112
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:53 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 26ms
25ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210701&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

398cf020437e1ae1ae467570864c2ff8a5a60b52bf4e60964ff767b9eeb2a09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8490
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6087 13 KB
7 KB 122ms
116ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=3837193198&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313580&bpp=1&bdt=2876&idt=310&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=KMta5S0Ld1&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=312

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1c9a62d606eeb1adf03687f31b32e2f73d52108fba102965b296da39bea9533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=3837193198&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313580&bpp=1&bdt=2876&idt=310&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=KMta5S0Ld1&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=312
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:54 GMT
server: cafe
content-length: 6905
x-xss-protection: 0
set-cookie: IDE=AHWqTUkq9VrvOX__waNn5Xd8BxBLKQ_6uAgebdpG8ryqcc2c0Dbiq2yot5s8yAhX7hM; expires=Thu, 04-Aug-2022 03:21:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: private

GET
H3-29 200 sdk.js Show response
connect.facebook.net/pt_BR/ 234 KB
68 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=e85aed71f59bcd9a96b19a8e3c25e86f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d9369282c828335f45400c6c62faf94a6d95b2d4b839eb126db2341d5c904369

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.cidadesdomeubrasil.com.br
Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GTDjp3kSuFGiKf0gk17gtA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69355
x-fb-rlafr: 0
x-fb-debug: 2vxLC16loASv2oZfZqpAVccUqQAmwlMAiQDatPLd46jPbytQGPEIqUigQ93V7VlhCA8mx/X3D+mk7hDeXbEaUg==
x-fb-content-md5: 98781b935e4ff84abad5847318f409e3
x-frame-options: DENY
date: Sat, 10 Jul 2021 03:21:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "67830946e2a7495f902bc3884d98b96a"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 10 Jul 2022 02:26:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-66877063-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2044
date: Sat, 10 Jul 2021 02:47:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sat, 10 Jul 2021 04:47:49 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5665 13 KB
7 KB 148ms
148ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3170137852&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=322&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=VXUdv8GzS6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=325

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

717f64a3d076670980a6f9fb174d2140f64c9b22069a99bc487936ab2946fb7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3170137852&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=322&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=VXUdv8GzS6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=325
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:54 GMT
server: cafe
content-length: 6904
x-xss-protection: 0
set-cookie: IDE=AHWqTUm_5waOFwK4HfG5WhnEYp9MPmpqugWVxix5OjA4Tp4qSr9k64jmPoyIlycGkW0; expires=Thu, 04-Aug-2022 03:21:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D46F 13 KB
7 KB 153ms
153ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90d6848aaa2bf0aac1fc5852d38aaea7f8f69b05c830390d7bb1488dbea5e0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:54 GMT
server: cafe
content-length: 6950
x-xss-protection: 0
set-cookie: IDE=AHWqTUlsw6G40AcWDe2f7vTr1wGGhpDYTNtFqRmmszHDgQkgOXQiNtFWLbjUqQTJK98; expires=Thu, 04-Aug-2022 03:21:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:53 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cidadesdomeubrasil.com.br

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cidadesdomeubrasil.com.br

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 03:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE34 13 KB
7 KB 174ms
173ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35040c45a22ad6d3dbb05e5e7f9860d7833340defa46ad39afa7ac3d5982e59c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:54 GMT
server: cafe
content-length: 6775
x-xss-protection: 0
set-cookie: IDE=AHWqTUmlJ35KqzrcNiD5eAsaH4pVONGgPoPWtejCKr1Gzmch6LeKHQCszne3AN-lbqg; expires=Thu, 04-Aug-2022 03:21:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: private

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
97 B 12ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2071803087&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&ul=en-us&de=UTF-8&dt=Tudo%20sobre%20o%20munic%C3%ADpio%20de%20Novo%20Horizonte%20-%20Estado%20de%20Santa%20Catarina%20%7C%20Cidades%20do%20Meu%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=415441611&gjid=2006004307&cid=1755381569.1625887314&tid=UA-66877063-1&_gid=1253955624.1625887314&_r=1&gtm=2ou770&z=955447643

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cidadesdomeubrasil.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
154 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=2071803087&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&ul=en-us&de=UTF-8&dt=Tudo%20sobre%20o%20munic%C3%ADpio%20de%20Novo%20Horizonte%20-%20Estado%20de%20Santa%20Catarina%20%7C%20Cidades%20do%20Meu%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20article%20milestone&ea=25%25&el=Tudo%20sobre%20o%20munic%C3%ADpio%20de%20Novo%20Horizonte%20-%20Estado%20de%20Santa%20Catarina%20%7C%20Cidades%20do%20Meu%20Brasil&_u=YAhAAUABAAAAAC~&jid=&gjid=&cid=1755381569.1625887314&tid=UA-66877063-1&_gid=1253955624.1625887314&gtm=2ou770&z=118195174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 01:09:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7949
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=2071803087&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&ul=en-us&de=UTF-8&dt=Tudo%20sobre%20o%20munic%C3%ADpio%20de%20Novo%20Horizonte%20-%20Estado%20de%20Santa%20Catarina%20%7C%20Cidades%20do%20Meu%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20social&ea=social%20share&el=facebook&_u=YAhAAUABAAAAAC~&jid=&gjid=&cid=1755381569.1625887314&tid=UA-66877063-1&_gid=1253955624.1625887314&gtm=2ou770&z=1700757007

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 01:09:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7949
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=2071803087&t=event&ni=0&_s=4&dl=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&ul=en-us&de=UTF-8&dt=Tudo%20sobre%20o%20munic%C3%ADpio%20de%20Novo%20Horizonte%20-%20Estado%20de%20Santa%20Catarina%20%7C%20Cidades%20do%20Meu%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20social&ea=social%20share&el=whatsapp&_u=YAhAAUABAAAAAC~&jid=&gjid=&cid=1755381569.1625887314&tid=UA-66877063-1&_gid=1253955624.1625887314&gtm=2ou770&z=882399090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 01:09:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7949
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021070101.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 39ms
14ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 08:37:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117092
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 161 B
778 B 38ms
16ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cidadesdomeubrasil.com.br

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e08459c59f8e297697e056546ae0624160fe6a6055a8f1455b0c88e0e702e48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC5D 13 KB
6 KB 112ms
112ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=600&slotname=2468660611&adk=2950433520&adf=4179601936&pi=t.ma~as.2468660611&w=252&fwrn=4&fwrnh=100&lmt=1625887314&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313584&bpp=1&bdt=2879&idt=445&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=1178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=j20iFPIdM7&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=448

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2f45ef83c69197060e287517c16df9cc502e35157e11c264cc8ed7765b832d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=600&slotname=2468660611&adk=2950433520&adf=4179601936&pi=t.ma~as.2468660611&w=252&fwrn=4&fwrnh=100&lmt=1625887314&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313584&bpp=1&bdt=2879&idt=445&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=1178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=j20iFPIdM7&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=448
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkq9VrvOX__waNn5Xd8BxBLKQ_6uAgebdpG8ryqcc2c0Dbiq2yot5s8yAhX7hM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:54 GMT
server: cafe
content-length: 5728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 j
avsplow.com/a/ 2 B
347 B 26ms
26ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.cidadesdomeubrasil.com.br
date: Sat, 10 Jul 2021 03:21:54 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
98 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-66877063-1&cid=1755381569.1625887314&jid=415441611&gjid=2006004307&_gid=1253955624.1625887314&_u=YAhAAUAAAAAAAC~&z=700553357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.cidadesdomeubrasil.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 51ms
50ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 10 Jul 2021 03:21:54 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 like.php
www.facebook.com/v3.2/plugins/ Frame 6F70 0
0 24ms
23ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=144105479005126&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df42936ae731cc%26domain%3Dwww.cidadesdomeubrasil.com.br%26origin%3Dhttps%253A%252F%252Fwww.cidadesdomeubrasil.com.br%252Ff2bb6b7647268fc%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&layout=button_count&locale=pt_BR&sdk=joey&send=false&share=false&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=e85aed71f59bcd9a96b19a8e3c25e86f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/like.php?action=like&app_id=144105479005126&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df42936ae731cc%26domain%3Dwww.cidadesdomeubrasil.com.br%26origin%3Dhttps%253A%252F%252Fwww.cidadesdomeubrasil.com.br%252Ff2bb6b7647268fc%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&layout=button_count&locale=pt_BR&sdk=joey&send=false&share=false&show_faces=false&width=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: kENlN9FYCrZslDzhRetukm9fkLs7edZeDigR9wG0j/zmYe6zchVmZse9nQXmktRIzh3RfCwM5WSYD4+tR0IL3Q==
content-length: 0
date: Sat, 10 Jul 2021 03:21:54 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 8ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 03:21:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/67BA)
Age: 985
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 200 like.php
www.facebook.com/v3.2/plugins/ Frame 7183 0
0 25ms
24ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=144105479005126&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fa67c77a5fecc%26domain%3Dwww.cidadesdomeubrasil.com.br%26origin%3Dhttps%253A%252F%252Fwww.cidadesdomeubrasil.com.br%252Ff2bb6b7647268fc%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&layout=button_count&locale=pt_BR&sdk=joey&send=false&share=false&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=e85aed71f59bcd9a96b19a8e3c25e86f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/like.php?action=like&app_id=144105479005126&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fa67c77a5fecc%26domain%3Dwww.cidadesdomeubrasil.com.br%26origin%3Dhttps%253A%252F%252Fwww.cidadesdomeubrasil.com.br%252Ff2bb6b7647268fc%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&layout=button_count&locale=pt_BR&sdk=joey&send=false&share=false&show_faces=false&width=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 3rapFaau4H8uoF4N9cJUCgacOSwiwk5u4gL9fhganZKFpaXldIylsoCCOaN0F6esZ3qn/XoSI4Zpcw9YNB88QQ==
content-length: 0
date: Sat, 10 Jul 2021 03:21:54 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 counter.d27508c102582d608697.js Show response
s7.addthis.com/static/ 24 KB
8 KB 56ms
56ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/counter.d27508c102582d608697.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5fd2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 10 Jul 2021 03:21:54 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 8265

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B0CE 12 KB
5 KB 8ms
5ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 09 Jul 2021 23:28:41 GMT
expires: Sat, 09 Jul 2022 23:28:41 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6E98 783 B
786 B 17ms
15ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7148bc21f3607804de61641a2fbcaef4898923cf112dc206085497556c938006

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XkXLbV7WKiXqb8ZN2+3dOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

expires: Sat, 10 Jul 2021 03:21:54 GMT
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XkXLbV7WKiXqb8ZN2+3dOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 75D2 16 KB
7 KB 146ms
145ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=600&slotname=1571090610&adk=3450609554&adf=608075586&pi=t.ma~as.1571090610&w=300&lmt=1625887314&psa=0&format=300x600&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313585&bpp=1&bdt=2880&idt=485&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250%2C300x250%2C252x600&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1266&ady=950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&fsb=1&xpc=12e2q34JVR&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=493

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dcd1f8e4969e28fdbdb5e6294be4b2dbf14805d2eab1b4d4fb9afd1498bd92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064385439319244&output=html&h=600&slotname=1571090610&adk=3450609554&adf=608075586&pi=t.ma~as.1571090610&w=300&lmt=1625887314&psa=0&format=300x600&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313585&bpp=1&bdt=2880&idt=485&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250%2C300x250%2C252x600&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1266&ady=950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&fsb=1&xpc=12e2q34JVR&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=493
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlsw6G40AcWDe2f7vTr1wGGhpDYTNtFqRmmszHDgQkgOXQiNtFWLbjUqQTJK98
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 03:21:54 GMT
server: cafe
content-length: 7280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 comments.php
www.facebook.com/v3.2/plugins/ Frame 1E74 0
0 31ms
31ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/comments.php?app_id=144105479005126&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1639754d5e6d38%26domain%3Dwww.cidadesdomeubrasil.com.br%26origin%3Dhttps%253A%252F%252Fwww.cidadesdomeubrasil.com.br%252Ff2bb6b7647268fc%26relation%3Dparent.parent&container_width=940&height=100&href=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&locale=pt_BR&numposts=6&sdk=joey&version=v3.2&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=e85aed71f59bcd9a96b19a8e3c25e86f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/comments.php?app_id=144105479005126&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1639754d5e6d38%26domain%3Dwww.cidadesdomeubrasil.com.br%26origin%3Dhttps%253A%252F%252Fwww.cidadesdomeubrasil.com.br%252Ff2bb6b7647268fc%26relation%3Dparent.parent&container_width=940&height=100&href=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&locale=pt_BR&numposts=6&sdk=joey&version=v3.2&width=550
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cidadesdomeubrasil.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: B45PRWbyMYgx67wkMr9HHKJV2xvMD2RuYY1d5KTvTNTlZxUzARNC339KR3XPf2CXv9CQSMCfyDGnKxr9u15ZSA==
content-length: 0
date: Sat, 10 Jul 2021 03:21:54 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
65 B 17ms
17ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-66877063-1&cid=1755381569.1625887314&jid=415441611&_u=YAhAAUAAAAAAAC~&z=1942343002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-66877063-1&cid=1755381569.1625887314&jid=415441611&_u=YAhAAUAAAAAAAC~&z=1942343002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 6087 3 KB
1 KB 22ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=3837193198&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313580&bpp=1&bdt=2876&idt=310&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=KMta5S0Ld1&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=312

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:15:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6087 123 KB
37 KB 22ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 6087 14 KB
6 KB 21ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:19:00 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6087 0
0 24ms
13ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUCfLG2nZTFdPlQ9WJDM2NglkS-dxADN8yYvBKuK34XgaHtZX-2gjzU5FHhXPNOv13z4yUvPLzN_Q9_nyNlnbi037wnQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=3837193198&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313580&bpp=1&bdt=2876&idt=310&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=KMta5S0Ld1&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=312
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6087 0
0 26ms
19ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Chkd6URLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgTxAU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbcKlKCD2Mg7sake1r1TCVWIjmCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi0zMDY0Mzg1NDM5MzE5MjQ0&sigh=mbt_CYcVpjY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=3837193198&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313580&bpp=1&bdt=2876&idt=310&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=KMta5S0Ld1&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=312
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 03:21:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 6087 0
0 41ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k7wskbtxbn2rfzdbamrmq7dnny67xp41t3v4m6f6bgwdfk9aapvr5qffr7hgb25dg086frv2pxrcpcg86g5840gf46mf4nw64h8ck841mtpd2mksmxb5cdwk26t8cxfm65pge4sa4vjxjdahhhx0nhzkr5wvx404786ng8dvv40rhxqzgf9wc4w7hzy8sxsgtkr37p1zt0w620a731c63srdmya2m0pp74nhc61v41m0w3yb3mh1zw5wq907kvqsrgy38qhetc83kqts4qqhvw3f6z1grbdy8c0t5ajwajgz7y6wkr9rmj6b4xabmpbe6vvdgtwg6c2drvn3e60b3qgv0zfwp1zjbbqm3p3k2rrrm1nx1pbejpc6xkwrmn83y9sadwn&b=YOkSUQAOAo4Ke6PWAA1S9CKFIVG088NasInw-Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=3837193198&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313580&bpp=1&bdt=2876&idt=310&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=KMta5S0Ld1&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame A781 2 KB
1 KB 26ms
19ms Document
text/html 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1hcqesd7mr9tf8d9qn3yxbc6pr55q5jf5edyzzds77e2db354xfnsgkcc3qk22q7vgf7w6hzz7jaaqyt406zn5rsx91hpn01xjrvr9q6bb7z4jg59t23cn019djrknr8v8c5wyy5c4820b11q5p7dh93ppmvvf9ba48vf1e0cs57m3j6fv9y5p1xzk7j9p619yf1y0z50yzr6kzhq4s7zam0cwxwc7ck3za6d1n4g3cv6s7bfe8ytwtbgz2wawyqf7nrndsp31ryc0dtz9q4kc97ajffg7fw9at80889jwksdckxn1safkv114f8aj1p61fy4vj2hprc3zgb01aa7a5qh1fk3wn0w3287kzchhdfg180kzpfhph0ypvam&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%26client%3Dca-pub-3064385439319244%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa56af49433977037108c60e8496fca0d233b078a72f10d9a16a95ee029b0a65

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1hcqesd7mr9tf8d9qn3yxbc6pr55q5jf5edyzzds77e2db354xfnsgkcc3qk22q7vgf7w6hzz7jaaqyt406zn5rsx91hpn01xjrvr9q6bb7z4jg59t23cn019djrknr8v8c5wyy5c4820b11q5p7dh93ppmvvf9ba48vf1e0cs57m3j6fv9y5p1xzk7j9p619yf1y0z50yzr6kzhq4s7zam0cwxwc7ck3za6d1n4g3cv6s7bfe8ytwtbgz2wawyqf7nrndsp31ryc0dtz9q4kc97ajffg7fw9at80889jwksdckxn1safkv114f8aj1p61fy4vj2hprc3zgb01aa7a5qh1fk3wn0w3287kzchhdfg180kzpfhph0ypvam&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%26client%3Dca-pub-3064385439319244%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa214ffb4e80-FRA
content-encoding: br

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 564C 1 KB
864 B 9ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Jul 2021 11:56:19 GMT
expires: Sat, 10 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55535
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 8891 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cidadesdomeubrasil.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 712419
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 10 Jul 2021 03:21:54 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 5665 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3170137852&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=322&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=VXUdv8GzS6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=325

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:15:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5665 123 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 5665 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:19:00 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5665 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkQO1F7AMhT2OlDkna8u1xALACCP2J2aznLCH0Cz7RdPPJWFeXPHtc_KeFHiJ9uaK2mhPUxQbtUz_CQcRmo--JTkesZA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3170137852&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=322&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=VXUdv8GzS6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=325
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5665 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNP-UURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT3AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-SH2IdbAibfWsWQZqg26uQV6XeABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi0zMDY0Mzg1NDM5MzE5MjQ0&sigh=5zpDexa3LAA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3170137852&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=322&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=VXUdv8GzS6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=325
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 03:21:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5665 0
0 17ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jd5vgtnscnc3b89551bx8e54hvphqmf7bx9jjc07x65xx06c6aw62pwem1xq08femrrmkse6zmhhq264vxzt9tfre726h2knp9ptvebe92w2r6z9ape4fxf0zk619t983j4rbmv9vgkrbbz5sy7rgk1dz6kcte00pndwy2zdab611cgqhvc2vsj4mf9z68czwdw160hhr4xqrnam8ddpa5s7s40k2jxfk59gchdsrn4tfcb560j1gg7rtnpxebg8xpnq0n1s7nz2q51kjaes4thjcj313tjjky5j21h9z0axw0paqjc1ze1y0z3a2wwprwjrbp3hgavnseragrmk4hmkw57jb9hc92x6h4gzbmg6p12pc032x58nqd6nzsqgt0zedra&b=YOkSUQAOGZ0K4EtGAAovcF5KLRpiS9SP3TJSiA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3170137852&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=322&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=VXUdv8GzS6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=325
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame D2CC 2 KB
2 KB 33ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1gtga6fe7w3ty1pe0j4ecvtaatrs4f7e17jwsxp2j5x0efr7hwbkp3ktazs7dqy13mbeya7k9y9vatjtehczmrvg7zck0mj5j8mskn5gvn4h0wsekfpx1bzfs6p6zygbh314fgr11t13jt59sndra8hpsbrd0n74bchjtv3jmw46qmthfmsmmmbesm0egfha03cn2xs21gpy0kwbjf8nv7fcmrt23xzdrkerzht6jypqpyp7g37ch5vbgnkjz30p29jhkdvc7ewa207ba8gb3k49wshbhajtk0tpd0jcjds3r9fx2thf4vpqq1rp5pf4mze2azbdbgc375fbq5sgr2bd8189ypggjkxcgn75g04ztkk9eg0yr5y4x6ytg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%26client%3Dca-pub-3064385439319244%26adurl%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4631d490c145371201806b625cdc220cff52cad4b995ac42c62aea80cf82397

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1gtga6fe7w3ty1pe0j4ecvtaatrs4f7e17jwsxp2j5x0efr7hwbkp3ktazs7dqy13mbeya7k9y9vatjtehczmrvg7zck0mj5j8mskn5gvn4h0wsekfpx1bzfs6p6zygbh314fgr11t13jt59sndra8hpsbrd0n74bchjtv3jmw46qmthfmsmmmbesm0egfha03cn2xs21gpy0kwbjf8nv7fcmrt23xzdrkerzht6jypqpyp7g37ch5vbgnkjz30p29jhkdvc7ewa207ba8gb3k49wshbhajtk0tpd0jcjds3r9fx2thf4vpqq1rp5pf4mze2azbdbgc375fbq5sgr2bd8189ypggjkxcgn75g04ztkk9eg0yr5y4x6ytg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%26client%3Dca-pub-3064385439319244%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa217ef12c19-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6FD7 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Jul 2021 11:56:19 GMT
expires: Sat, 10 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55535
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame D46F 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:15:06 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame D46F 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:19:00 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D46F 0
0 14ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2xXN4R6Yqy6bBaITNN30Z9vF796uo8_BAguUhBBOBPP5cQVGhobWbgUWcX-F-SYfwqzlDq2eyOfp_N5ewS1q0ZoS9JQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D46F 123 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D46F 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI2a_URLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgTxAU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xo0rlLGdXJbYKXKeUkw2ByjTvCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi0zMDY0Mzg1NDM5MzE5MjQ0&sigh=LGeiEOlHQBI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 03:21:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D46F 0
0 16ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k8aezvjgj2x9bvch0rsygtt968fchpt7frqw0v8454ay2vwhd7m1r1rr1tyyjvm1e8e4na5dfwx314rs9423qkd8d7anretp9mbjzam6r0aknkakeszvtv93mnj23npznvpn6xctppxefccdj2az49vje3vwcghmm1b6jjhmbwx2y6c9n516ep3zg8z99ac7ayd66df1r5tx98yszchh0c83r78wgdmsz5vytjs08akwrns553wv4w48gxeyagkaz59zxcdjtcqjzydrkk8qjhbxrqvf02vv6z1gv10ddfgkbqaqkjjq0bq188enn8tt4mv61yem5m1ng06n6bbprxyb28ced54nypd84k2hx0cvg6zbpfm7hr9vbz0bjesvyqmzag3&b=YOkSUQAOT5kKe4VMAAsLYe3FjJRV7Pr4esZEfg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame 2141 2 KB
2 KB 20ms
20ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1j9escr7s46t7wyf3g3ywkhek8yst8hvw872szxnzb9yd0j48rbrax4zyv9mj4thx1bra7r26frc6rbjhq4vf5wpqhaf5zhkj54q3mswcftfdr5bkat72ya6t1nzecy7vx6zpnmdg5taxh4rdnm6hpemnmmpvd8jaafhz7pzs1dhhmaafa2529sqnr9gzbdyhmhzwac1ww2xgx2z05tztbhj5e3xqrd5cs6t4m1drz2y219m4t3kj8bts65rbawmy1b3mtb20yp1qkf8nb3e3ryyzntmkwpfxhg43847dep2qmn8q2gxd6rtzp7vef8bavx8afjbasezsycb5c7sbywd3mcdw4bz4w5a92ty1486saf440hm7mntraq18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%26client%3Dca-pub-3064385439319244%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ce70cf64511a1633c4225f1a1a44fbb1ce908beed8e2f7977d77cb537068b2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1j9escr7s46t7wyf3g3ywkhek8yst8hvw872szxnzb9yd0j48rbrax4zyv9mj4thx1bra7r26frc6rbjhq4vf5wpqhaf5zhkj54q3mswcftfdr5bkat72ya6t1nzecy7vx6zpnmdg5taxh4rdnm6hpemnmmpvd8jaafhz7pzs1dhhmaafa2529sqnr9gzbdyhmhzwac1ww2xgx2z05tztbhj5e3xqrd5cs6t4m1drz2y219m4t3kj8bts65rbawmy1b3mtb20yp1qkf8nb3e3ryyzntmkwpfxhg43847dep2qmn8q2gxd6rtzp7vef8bavx8afjbasezsycb5c7sbywd3mcdw4bz4w5a92ty1486saf440hm7mntraq18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%26client%3Dca-pub-3064385439319244%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa21af0f2c19-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0564 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Jul 2021 11:56:19 GMT
expires: Sat, 10 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55535
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 64ms
22ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Sat, 10 Jul 2021 03:21:54 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

GET
DATA 200
OK truncated
/ Frame 6087 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 016b9d9fb52f78feb437e7d91a50552aa98e5b95878db374619f4fef2eb9b508

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 74 B
342 B 195ms
193ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&callback=_ate.cbs.sc_httpswwwcidadesdomeubrasilcombrscnovohorizonte0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

70cf5635dd38c801dfab033f852f0eea3cc63a148f47be16855705c495af385b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.cidadesdomeubrasil.com.br/sc/novo_horizonte
last-modified: Sat, 10 Jul 2021 03:21:54 GMT
server: nginx/1.15.8
date: Sat, 10 Jul 2021 03:21:54 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 91

GET
DATA 200
OK truncated
/ Frame 5665 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2ff60d3b1b11151cb6e05ef063e4c607501ba1b4af8a7a0e733e648e07bbae9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 29 Show response
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/ Frame 9AB6 173 B
790 B 276ms
276ms XHR
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/29

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/2.519f1a0a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-233-92-4.sa-east-1.compute.amazonaws.com

Software

Resource Hash

c2b6ac1099559f5403bed316b0c1272efb0b6adfa66f43bddba9ade1e2739f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.confidencecambio.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
auth: $2y$12$M4fgZx/W7r9yRWtkqZ7yx.cBlfZjRgvGzVmwOXrUEBiA8BMCn88Bq

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
x-content-type-options: nosniff
x-amzn-remapped-content-length: 173
x-amzn-remapped-date: Sat, 10 Jul 2021 03:21:54 GMT
x-amzn-requestid: 43295a91-717e-42c4-afbc-04b7a50583cd
x-amz-apigw-id: CO_M7E5YmjQFsmQ=
content-length: 173
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
access-control-max-age: 3600
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: *
x-amzn-remapped-server
x-amzn-remapped-connection: close
expires: 0

OPTIONS
H2 200 29
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/ Frame 0
0 206ms
206ms Preflight
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/29
Protocol: H2
Server: 54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-233-92-4.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth
Origin: https://www.confidencecambio.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 57203eaa-6ebe-4849-9b12-5208408e2927
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,auth,agent-id
x-amz-apigw-id: CO_M5HqGmjQFl3g=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-expose-headers: agent-id

GET
DATA 200
OK truncated
/ Frame D46F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95496ca3ede696d642cbd818643834d0aa556c690dc4565e5576ed3b5dcd11a0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame AE34 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:15:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE34 123 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame AE34 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:19:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE34 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyJkAURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgTxAU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX2102Ti1CcC3OEbkZh4HLmMuWuABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi0zMDY0Mzg1NDM5MzE5MjQ0&sigh=SLvFDmvwf4k

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 03:21:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame AE34 0
0 17ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j6qzsdj2gepa5m9tdfm2rmhqrawztcjxjst07wqwpg23v2m59930zxzgr4srtw6rfw0dmwv81c4wwasce18m2pmrp59m0fakrgdd8jxd5a12j59s3vx5txaczgpw337t3h1z0bkc5x0wy1mqapt7ttejpwdnbvm9pfq0n70ya8rztv91bhk07n15cv24enfm8s1jf05yftdhhdqzwv7tmke121ykkaeqse7zc8me4pkfz2ztdezaqaanj0jth5cnp3yxvk9pkcyawpzrbvg4zzbf5q25vna1t2s28gs5b4v1zg6z56zdbe3y4mz0yyee91mh2njnj7cap4qb1v7k7172tebe07q9ffsk3xvnacbaqfa0dvas0gb5qvjm13gvqyeypgk&b=YOkSUQAOp-IKe6OKAAv5IbUx2RlCHmU5eIJcbA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame 66D5 2 KB
2 KB 18ms
18ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1g8h5c0r91bd3cdfghfddzpez12da6fcwtgv7mkjb6dz5fmgvswv8cgh78nkqh2gv18fzqe4820ry3qntmx5zb01wrrh2tqr57a0pst215bysjjw8dn6w7p5fvez14nkby3an2q2qcc948c8bpbq0vv4qw8rzgtn3197jrrawjdamyphew3346yw827nyq2b6kwkvhcfv97jtgcm2emdmzx59t3c7pw22vaqb5k35f7zmkzpk4a7x80xd2awvh6d0df92penapeyyx2h5wt3dfrdhnbh7g813jcgd72xkkvz2zmgwsprecmecd56pakwp959bmkmpmdyjnphmfdawd9cyd2g3p79wphq61602yk58480ar8swmpwcht2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%26client%3Dca-pub-3064385439319244%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9eac97ead5cbc5b0d0e26d7bbb71aa023fa12acdfa121a5c06cb050284f7ee27

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1g8h5c0r91bd3cdfghfddzpez12da6fcwtgv7mkjb6dz5fmgvswv8cgh78nkqh2gv18fzqe4820ry3qntmx5zb01wrrh2tqr57a0pst215bysjjw8dn6w7p5fvez14nkby3an2q2qcc948c8bpbq0vv4qw8rzgtn3197jrrawjdamyphew3346yw827nyq2b6kwkvhcfv97jtgcm2emdmzx59t3c7pw22vaqb5k35f7zmkzpk4a7x80xd2awvh6d0df92penapeyyx2h5wt3dfrdhnbh7g813jcgd72xkkvz2zmgwsprecmecd56pakwp959bmkmpmdyjnphmfdawd9cyd2g3p79wphq61602yk58480ar8swmpwcht2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%26client%3Dca-pub-3064385439319244%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa225fbb2c19-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AC90 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Jul 2021 11:56:19 GMT
expires: Sat, 10 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55535
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame A781 58 KB
7 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hcqesd7mr9tf8d9qn3yxbc6pr55q5jf5edyzzds77e2db354xfnsgkcc3qk22q7vgf7w6hzz7jaaqyt406zn5rsx91hpn01xjrvr9q6bb7z4jg59t23cn019djrknr8v8c5wyy5c4820b11q5p7dh93ppmvvf9ba48vf1e0cs57m3j6fv9y5p1xzk7j9p619yf1y0z50yzr6kzhq4s7zam0cwxwc7ck3za6d1n4g3cv6s7bfe8ytwtbgz2wawyqf7nrndsp31ryc0dtz9q4kc97ajffg7fw9at80889jwksdckxn1safkv114f8aj1p61fy4vj2hprc3zgb01aa7a5qh1fk3wn0w3287kzchhdfg180kzpfhph0ypvam&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hcqesd7mr9tf8d9qn3yxbc6pr55q5jf5edyzzds77e2db354xfnsgkcc3qk22q7vgf7w6hzz7jaaqyt406zn5rsx91hpn01xjrvr9q6bb7z4jg59t23cn019djrknr8v8c5wyy5c4820b11q5p7dh93ppmvvf9ba48vf1e0cs57m3j6fv9y5p1xzk7j9p619yf1y0z50yzr6kzhq4s7zam0cwxwc7ck3za6d1n4g3cv6s7bfe8ytwtbgz2wawyqf7nrndsp31ryc0dtz9q4kc97ajffg7fw9at80889jwksdckxn1safkv114f8aj1p61fy4vj2hprc3zgb01aa7a5qh1fk3wn0w3287kzchhdfg180kzpfhph0ypvam&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1010976
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TQjPFZAp0m3F1jIO7BHTPYzRTE%2FJj0PbA%2BBOcf7RMOCW3At7FvEGhqO8BDPHZOkWJwjvJ3doiShzH7BoC5%2BZFVbCJjMMs%2F1UyQfo6qnShpo39YgCO5%2Bkv9GSEBRMSbg%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 66c6aa228ff02c19-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame A781 36 KB
12 KB 15ms
15ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hcqesd7mr9tf8d9qn3yxbc6pr55q5jf5edyzzds77e2db354xfnsgkcc3qk22q7vgf7w6hzz7jaaqyt406zn5rsx91hpn01xjrvr9q6bb7z4jg59t23cn019djrknr8v8c5wyy5c4820b11q5p7dh93ppmvvf9ba48vf1e0cs57m3j6fv9y5p1xzk7j9p619yf1y0z50yzr6kzhq4s7zam0cwxwc7ck3za6d1n4g3cv6s7bfe8ytwtbgz2wawyqf7nrndsp31ryc0dtz9q4kc97ajffg7fw9at80889jwksdckxn1safkv114f8aj1p61fy4vj2hprc3zgb01aa7a5qh1fk3wn0w3287kzchhdfg180kzpfhph0ypvam&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hcqesd7mr9tf8d9qn3yxbc6pr55q5jf5edyzzds77e2db354xfnsgkcc3qk22q7vgf7w6hzz7jaaqyt406zn5rsx91hpn01xjrvr9q6bb7z4jg59t23cn019djrknr8v8c5wyy5c4820b11q5p7dh93ppmvvf9ba48vf1e0cs57m3j6fv9y5p1xzk7j9p619yf1y0z50yzr6kzhq4s7zam0cwxwc7ck3za6d1n4g3cv6s7bfe8ytwtbgz2wawyqf7nrndsp31ryc0dtz9q4kc97ajffg7fw9at80889jwksdckxn1safkv114f8aj1p61fy4vj2hprc3zgb01aa7a5qh1fk3wn0w3287kzchhdfg180kzpfhph0ypvam&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 54760
x-guploader-uploadid: ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:08:33 GMT
server: cloudflare
etag: W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aYxm16v8dHpeKmuzg7poWCvMWBaWTirkOXpiEPO8yrseooN1L4hed%2Fvq4Kzr6dWftPJYhfMF6npycJBrjY0tUQmu98CV3BKwQTS3Kf%2BOdPUODiTmELlDWUIfyN8V2TUD"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672513020985
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11953
cf-ray: 66c6aa228ff42c19-FRA
expires: Fri, 09 Jul 2021 12:09:14 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A98B 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSgJ5UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgTxAU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCDD0tsd-Wq7_8T5F-2ye_h5JvKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi0zMDY0Mzg1NDM5MzE5MjQ0&sigh=T6HVKP2zfkY

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=600&slotname=2468660611&adk=2950433520&adf=4179601936&pi=t.ma~as.2468660611&w=252&fwrn=4&fwrnh=100&lmt=1625887314&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313584&bpp=1&bdt=2879&idt=445&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=1178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=j20iFPIdM7&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 03:21:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame A98B 0
0 15ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jwc5pvrpw2ckrshpbjw6w9b033fs0spdpnjbhryc343stvgftewwegncd0a3vp7xmfhktfy2tdnxddrptd9p2hmap1q3q964a3b5267m34jyd26e8xj47ygqa9csqmxz1xw8abj7ytg52b8d6f7hcars21tfpt2b5ms46yn1q7590p8fgbq6gnx5bdn8xjspsnnef57xceybwd3rartc6g8q86p046c3aq0a4mngxfs0wmkw03509dfkhm03d0heb96xsd977z6rwgrm3y5zhtaqfc6qhtseqbt2jhf4e3aqya5c2g0ees333z1kax15vskspne4dxmnhn970xak2zfp39qkh2andtfveqmjda1rc49yhyda3jmk1de7rjbwyj43srq&b=YOkSUgAAweQK4DsaAAEO22ICLgv2XqSYMJm9dw
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame DFA2 2 KB
2 KB 18ms
17ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1j983aqz7m2ds6vgg64wra5wydpq7ezrheh6gsh2c09zk2jaypgt74xccyyadgvqwgyx1hkanz5rxnygaqbdw1b8vw16z9km8wbzsr5s8mwttksgm4n3g3ah7szyzkafts8wv8fs2jeb8n4df44rmesy5cvhab4z186vqgfr2e8v6eqg0kzy7e49z4j86c08nfp236zn2v3rgh17s8ppt6ssmxw0zcb6bw2kcaqde44r7mfveza9f3ctkeres21y6vjkvznyecvzjggwbrjszze304rysbmefjrj57paz7dm2ebqhe1sy0ma3q80fvjpq3vwg657zp1mfsnrzh9bzq4xtwx3v2aamd4hax87erc6hxrsb4nby7b546j5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%26client%3Dca-pub-3064385439319244%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=600&slotname=2468660611&adk=2950433520&adf=4179601936&pi=t.ma~as.2468660611&w=252&fwrn=4&fwrnh=100&lmt=1625887314&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313584&bpp=1&bdt=2879&idt=445&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=1178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=j20iFPIdM7&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=448

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfadb071f1c8b7bf547bc6384603797cb8199b22e6fa2c62352625368899aae0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1j983aqz7m2ds6vgg64wra5wydpq7ezrheh6gsh2c09zk2jaypgt74xccyyadgvqwgyx1hkanz5rxnygaqbdw1b8vw16z9km8wbzsr5s8mwttksgm4n3g3ah7szyzkafts8wv8fs2jeb8n4df44rmesy5cvhab4z186vqgfr2e8v6eqg0kzy7e49z4j86c08nfp236zn2v3rgh17s8ppt6ssmxw0zcb6bw2kcaqde44r7mfveza9f3ctkeres21y6vjkvznyecvzjggwbrjszze304rysbmefjrj57paz7dm2ebqhe1sy0ma3q80fvjpq3vwg657zp1mfsnrzh9bzq4xtwx3v2aamd4hax87erc6hxrsb4nby7b546j5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%26client%3Dca-pub-3064385439319244%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa228ffc2c19-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame A98B 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:15:06 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7C4A 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Jul 2021 11:56:19 GMT
expires: Sat, 10 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55535
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A98B 123 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame A98B 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:19:00 GMT

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame D2CC 58 KB
7 KB 22ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gtga6fe7w3ty1pe0j4ecvtaatrs4f7e17jwsxp2j5x0efr7hwbkp3ktazs7dqy13mbeya7k9y9vatjtehczmrvg7zck0mj5j8mskn5gvn4h0wsekfpx1bzfs6p6zygbh314fgr11t13jt59sndra8hpsbrd0n74bchjtv3jmw46qmthfmsmmmbesm0egfha03cn2xs21gpy0kwbjf8nv7fcmrt23xzdrkerzht6jypqpyp7g37ch5vbgnkjz30p29jhkdvc7ewa207ba8gb3k49wshbhajtk0tpd0jcjds3r9fx2thf4vpqq1rp5pf4mze2azbdbgc375fbq5sgr2bd8189ypggjkxcgn75g04ztkk9eg0yr5y4x6ytg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gtga6fe7w3ty1pe0j4ecvtaatrs4f7e17jwsxp2j5x0efr7hwbkp3ktazs7dqy13mbeya7k9y9vatjtehczmrvg7zck0mj5j8mskn5gvn4h0wsekfpx1bzfs6p6zygbh314fgr11t13jt59sndra8hpsbrd0n74bchjtv3jmw46qmthfmsmmmbesm0egfha03cn2xs21gpy0kwbjf8nv7fcmrt23xzdrkerzht6jypqpyp7g37ch5vbgnkjz30p29jhkdvc7ewa207ba8gb3k49wshbhajtk0tpd0jcjds3r9fx2thf4vpqq1rp5pf4mze2azbdbgc375fbq5sgr2bd8189ypggjkxcgn75g04ztkk9eg0yr5y4x6ytg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1010976
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mVkvWDS6u17avZTpec3mH2T%2FjR%2FvngJIA2foiMwId5U3J2JaGxOEzq6pARLk19FeSM%2ByT%2Bu6nTKTLKaIx7Ls%2FpOqf%2FHtDIwPT%2BbCC6AP413zP%2BdmkeqK2QhpWp1NE611"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 66c6aa22a80e2c19-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame D2CC 36 KB
12 KB 18ms
15ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gtga6fe7w3ty1pe0j4ecvtaatrs4f7e17jwsxp2j5x0efr7hwbkp3ktazs7dqy13mbeya7k9y9vatjtehczmrvg7zck0mj5j8mskn5gvn4h0wsekfpx1bzfs6p6zygbh314fgr11t13jt59sndra8hpsbrd0n74bchjtv3jmw46qmthfmsmmmbesm0egfha03cn2xs21gpy0kwbjf8nv7fcmrt23xzdrkerzht6jypqpyp7g37ch5vbgnkjz30p29jhkdvc7ewa207ba8gb3k49wshbhajtk0tpd0jcjds3r9fx2thf4vpqq1rp5pf4mze2azbdbgc375fbq5sgr2bd8189ypggjkxcgn75g04ztkk9eg0yr5y4x6ytg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gtga6fe7w3ty1pe0j4ecvtaatrs4f7e17jwsxp2j5x0efr7hwbkp3ktazs7dqy13mbeya7k9y9vatjtehczmrvg7zck0mj5j8mskn5gvn4h0wsekfpx1bzfs6p6zygbh314fgr11t13jt59sndra8hpsbrd0n74bchjtv3jmw46qmthfmsmmmbesm0egfha03cn2xs21gpy0kwbjf8nv7fcmrt23xzdrkerzht6jypqpyp7g37ch5vbgnkjz30p29jhkdvc7ewa207ba8gb3k49wshbhajtk0tpd0jcjds3r9fx2thf4vpqq1rp5pf4mze2azbdbgc375fbq5sgr2bd8189ypggjkxcgn75g04ztkk9eg0yr5y4x6ytg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 54760
x-guploader-uploadid: ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:08:33 GMT
server: cloudflare
etag: W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AxpwFnuAH%2B5Ns8eJqgbOW3TuxV2tBzotarwv4mxEdx2G7zJEmqh3yNc%2BJH3c3l57EfFpldiJlWJ5B0w0MBrJ5FAwKc7C9C8T8k8F7mKgtFMdbARqV7JdQ%2FA6KFKMpaYj"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672513020985
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11953
cf-ray: 66c6aa22a8132c19-FRA
expires: Fri, 09 Jul 2021 12:09:14 GMT

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 2141 58 KB
7 KB 14ms
13ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j9escr7s46t7wyf3g3ywkhek8yst8hvw872szxnzb9yd0j48rbrax4zyv9mj4thx1bra7r26frc6rbjhq4vf5wpqhaf5zhkj54q3mswcftfdr5bkat72ya6t1nzecy7vx6zpnmdg5taxh4rdnm6hpemnmmpvd8jaafhz7pzs1dhhmaafa2529sqnr9gzbdyhmhzwac1ww2xgx2z05tztbhj5e3xqrd5cs6t4m1drz2y219m4t3kj8bts65rbawmy1b3mtb20yp1qkf8nb3e3ryyzntmkwpfxhg43847dep2qmn8q2gxd6rtzp7vef8bavx8afjbasezsycb5c7sbywd3mcdw4bz4w5a92ty1486saf440hm7mntraq18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j9escr7s46t7wyf3g3ywkhek8yst8hvw872szxnzb9yd0j48rbrax4zyv9mj4thx1bra7r26frc6rbjhq4vf5wpqhaf5zhkj54q3mswcftfdr5bkat72ya6t1nzecy7vx6zpnmdg5taxh4rdnm6hpemnmmpvd8jaafhz7pzs1dhhmaafa2529sqnr9gzbdyhmhzwac1ww2xgx2z05tztbhj5e3xqrd5cs6t4m1drz2y219m4t3kj8bts65rbawmy1b3mtb20yp1qkf8nb3e3ryyzntmkwpfxhg43847dep2qmn8q2gxd6rtzp7vef8bavx8afjbasezsycb5c7sbywd3mcdw4bz4w5a92ty1486saf440hm7mntraq18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1010976
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ypDPTBH5aC%2BZPZ8NkpA58gAxHoPJMCKDBWzXnlOtqrBR4grSWvaCb4F1rxiGsPDXsIOl54U3NoKYtAZ1BWgiUlxoHo4PpjGpZOLBQYtFxhvjUST4P7XztNKnvQ95QMDR"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 66c6aa22a8122c19-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 2141 36 KB
12 KB 21ms
20ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j9escr7s46t7wyf3g3ywkhek8yst8hvw872szxnzb9yd0j48rbrax4zyv9mj4thx1bra7r26frc6rbjhq4vf5wpqhaf5zhkj54q3mswcftfdr5bkat72ya6t1nzecy7vx6zpnmdg5taxh4rdnm6hpemnmmpvd8jaafhz7pzs1dhhmaafa2529sqnr9gzbdyhmhzwac1ww2xgx2z05tztbhj5e3xqrd5cs6t4m1drz2y219m4t3kj8bts65rbawmy1b3mtb20yp1qkf8nb3e3ryyzntmkwpfxhg43847dep2qmn8q2gxd6rtzp7vef8bavx8afjbasezsycb5c7sbywd3mcdw4bz4w5a92ty1486saf440hm7mntraq18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j9escr7s46t7wyf3g3ywkhek8yst8hvw872szxnzb9yd0j48rbrax4zyv9mj4thx1bra7r26frc6rbjhq4vf5wpqhaf5zhkj54q3mswcftfdr5bkat72ya6t1nzecy7vx6zpnmdg5taxh4rdnm6hpemnmmpvd8jaafhz7pzs1dhhmaafa2529sqnr9gzbdyhmhzwac1ww2xgx2z05tztbhj5e3xqrd5cs6t4m1drz2y219m4t3kj8bts65rbawmy1b3mtb20yp1qkf8nb3e3ryyzntmkwpfxhg43847dep2qmn8q2gxd6rtzp7vef8bavx8afjbasezsycb5c7sbywd3mcdw4bz4w5a92ty1486saf440hm7mntraq18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 54760
x-guploader-uploadid: ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:08:33 GMT
server: cloudflare
etag: W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=j7hyyGVJZ7tu5fvjJY5qoThbGUpAmzfGtwKwHbmy8FP%2FyqBZc%2FX89f6NrOyVkZYm6jXET3dBMeNjMDL2%2B36UrBZqbtnrhE1n1btFGZ2HmqoYVxr6jYT1h4SLSJGLAhEB"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672513020985
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11953
cf-ray: 66c6aa22a8152c19-FRA
expires: Fri, 09 Jul 2021 12:09:14 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 564C 35 B
463 B 28ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAjC518HKLuJgTYsVHHYDK8&google_cver=1&google_push=AYg5qPLqqLfNnLjxeFUoZHpxkckegtrFsZds6HzcB7IIhJSRbd_ryBErqiP2CkIuICQCtmOt94OFZS2q_9DbItDNpfKWn8xx-OU

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 564C
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEMkjlICfYCKLiEwe5XR3Fh8&google_cver=1&google_push=AYg5qPJQfUEBc6rJ9FCcOsPg8bwiIUkhechkOLwhN8W0xafD8yNfS_CZjuigpvxEJehgMzopSUcvqWizGRkpXTBW_nk7Yp-oqqyf
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJQfUEBc6rJ9FCcOsPg8bwiIUkhechkOLwhN8W0xafD8yNfS_CZjuigpvxEJehgMzopSUcvqWizGRkpXTBW_nk7Yp-oqqyf&google_hm=Q0FFU0VNa2psSUNmWUNLT...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJQfUEBc6rJ9FCcOsPg8bwiIUkhechkOLwhN8W0xafD8yNfS_CZjuigpvxEJehgMzopSUcvqWizGRkpXTBW_nk7Yp-oqqyf&google_hm=Q0FFU0VNa2psSUNmWUNLTGlFd2U1WFIzRmg4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:53 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJQfUEBc6rJ9FCcOsPg8bwiIUkhechkOLwhN8W0xafD8yNfS_CZjuigpvxEJehgMzopSUcvqWizGRkpXTBW_nk7Yp-oqqyf&google_hm=Q0FFU0VNa2psSUNmWUNLTGlFd2U1WFIzRmg4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 564C
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIISCsJ...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIISCsJ...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA2MjA0NzQ4NDcxMA%3D%3D&google_push=AYg5qPIISCsJdJZW9vUJid97XhuzXdwi3_nkzztdJ1p-H06YZ-elFgPtTMVYwkAOpL_yhw...

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA2MjA0NzQ4NDcxMA%3D%3D&google_push=AYg5qPIISCsJdJZW9vUJid97XhuzXdwi3_nkzztdJ1p-H06YZ-elFgPtTMVYwkAOpL_yhwuAE3xU7K6rpLBmFD9DaLR9xJ7wff1m

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA2MjA0NzQ4NDcxMA%3D%3D&google_push=AYg5qPIISCsJdJZW9vUJid97XhuzXdwi3_nkzztdJ1p-H06YZ-elFgPtTMVYwkAOpL_yhwuAE3xU7K6rpLBmFD9DaLR9xJ7wff1m
pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 564C
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEA13_ygMH2U3AwXT2nz09MM&google_cver=1&google_push=AYg5qPIJjnIk5UmoQlyrp_yZYtshdfaQJS-43VqsGxYtGDpCXHykKUvX9CiJ4sKKAnM-nV3ysQxCkq7spZYRJWcS1chZEfoX8tQ
https://rtb.openx.net/sync/dds?google_gid=CAESEA13_ygMH2U3AwXT2nz09MM&google_cver=1&google_push=AYg5qPIJjnIk5UmoQlyrp_yZYtshdfaQJS-43VqsGxYtGDpCXHykKUvX9CiJ4sKKAnM-nV3ysQxCkq7spZYRJWcS1chZEfoX8tQ&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIJjnIk5UmoQlyrp_yZYtshdfaQJS-43VqsGxYtGDpCXHykKUvX9CiJ4sKKAnM-nV3ysQxCkq7spZYRJWcS1chZEfoX8tQ&google_hm=uTB1K3cmyfUUUNYxoGOpRA==

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIJjnIk5UmoQlyrp_yZYtshdfaQJS-43VqsGxYtGDpCXHykKUvX9CiJ4sKKAnM-nV3ysQxCkq7spZYRJWcS1chZEfoX8tQ&google_hm=uTB1K3cmyfUUUNYxoGOpRA==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:53 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIJjnIk5UmoQlyrp_yZYtshdfaQJS-43VqsGxYtGDpCXHykKUvX9CiJ4sKKAnM-nV3ysQxCkq7spZYRJWcS1chZEfoX8tQ&google_hm=uTB1K3cmyfUUUNYxoGOpRA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: i2787qvvnukjs2bdv28suulrv2umfkqm

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 564C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HejEkUOXQeO-Vk093eIWfg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HejEkUOXQeO-Vk093eIWfg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIew5EiUlsbZRh0k3Zmy7604XxG7P7JVfcR028pu_4BlWUaq_KizgXgG4YRPmlf73A_SL9UoBxIWB-enqP4aWHe9itGLcqB

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HejEkUOXQeO-Vk093eIWfg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIew5EiUlsbZRh0k3Zmy7604XxG7P7JVfcR028pu_4BlWUaq_KizgXgG4YRPmlf73A_SL9UoBxIWB-enqP4aWHe9itGLcqB
date: Sat, 10 Jul 2021 03:21:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 564C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJJ-DZuWAqoSjciTjqHR-FI&google_cver=1&google_push=AYg5qPLsh9H3fzzADAgsVAIIlORjhCXme3i04D3FIWwps2wFphB2aFmX8pSzSYRfdGnENyI1_XW...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTVkwtMUQtSzlGSA==&google_push=AYg5qPLsh9H3fzzADAgsVAIIlORjhCXme3i04D3FIWwps2wFphB2aFmX8pSzSYRfdGnENyI1_XWQ1z7fGCY_8unQL7FBEdnafRw0

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTVkwtMUQtSzlGSA==&google_push=AYg5qPLsh9H3fzzADAgsVAIIlORjhCXme3i04D3FIWwps2wFphB2aFmX8pSzSYRfdGnENyI1_XWQ1z7fGCY_8unQL7FBEdnafRw0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTVkwtMUQtSzlGSA==&google_push=AYg5qPLsh9H3fzzADAgsVAIIlORjhCXme3i04D3FIWwps2wFphB2aFmX8pSzSYRfdGnENyI1_XWQ1z7fGCY_8unQL7FBEdnafRw0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 564C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 564C 0
253 B 40ms
14ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJaWSXJK6uGEdvybyEDm73nLW3rA4e0AT8fVKGLt5l68qQ3gQfozX-JIEECwVC54lNRuoy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1A6A 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQms9UhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgTxAU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb43mLNIWaFjgmmf2QnfOEP8VcE-ABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi0zMDY0Mzg1NDM5MzE5MjQ0&sigh=RLFON4S0dlY

Requested by

Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=600&slotname=1571090610&adk=3450609554&adf=608075586&pi=t.ma~as.1571090610&w=300&lmt=1625887314&psa=0&format=300x600&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313585&bpp=1&bdt=2880&idt=485&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250%2C300x250%2C252x600&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1266&ady=950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&fsb=1&xpc=12e2q34JVR&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 03:21:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 1A6A 0
0 16ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1khhc6q1zc7ytvxe0h6zejv979we46gd5t85mn3yw66gkhbxg3gnhc1m3x75ggp22ds2zt82hdkeqwkzhah8kb73f4qrsqvpnh3vk97epb1e9g8qj6byp02qw5jcrmrgyzcpaj1b2pvwzzc686ry3cngehb986ba6q77akswe63nq2b9s4rbmqngzmc44bwsvycmxfty4ebmdrqm8f476d43ps1vmrycrhygxzp9djgxb4r90r5ngexpazxfj0rvz85xrgfj1yxkvhrhgfnxwe6q0eqfjjcy8tdkxvb0t18jrm6wm8ehy1f9zc110pcdxm0f1q91aecf9vwvdxhgeehd75sfmpzdvpvbn2ngq523egqw7jb9wdj0txq5j9yp4r8tb7ky&b=YOkSUgABejYKe4DRAAp1SZ7-nIZNgYmhDl5_Lw
Requested by: Host: www.cidadesdomeubrasil.com.br
URL: https://www.cidadesdomeubrasil.com.br/sc/novo_horizonte
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame D872 2 KB
2 KB 31ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1ksh4e91vg2y7647pp5za351ny33my3yv03gq5yk2232c3hvxj4s0je565bev9he19d34c20f7xxdmsss3gwnx8h4e1g9zv126gv0qmdmyv1smr8zwgb75hnmvcnbj7atzv4tjtfva7k99m0fmm6hbsx04zq25dtvsentrmekvjhj9tzs0fjcc2y05wgj5y0yvtv1fp0947bs5et55mwd3d553g4k8d8fy9xrr9a3ta0t09gsjpp68h8aajh1th86mpds2pwnh59z12cv4pzcyzvwhr7dqxv589n8xfmwhje9zbk2fjbvgmy9nyntp5gjgxam7ftrgbsqxtq7t0x09tcgb8ws1rrwmc2g9hz9pgeqb5c770mqjj6zckwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%26client%3Dca-pub-3064385439319244%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=600&slotname=1571090610&adk=3450609554&adf=608075586&pi=t.ma~as.1571090610&w=300&lmt=1625887314&psa=0&format=300x600&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313585&bpp=1&bdt=2880&idt=485&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250%2C300x250%2C252x600&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1266&ady=950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&fsb=1&xpc=12e2q34JVR&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=493

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f86a6b444db2db30a5f282abed5dff3e9f5c4e4050edb828159eb3e4bbf326

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1ksh4e91vg2y7647pp5za351ny33my3yv03gq5yk2232c3hvxj4s0je565bev9he19d34c20f7xxdmsss3gwnx8h4e1g9zv126gv0qmdmyv1smr8zwgb75hnmvcnbj7atzv4tjtfva7k99m0fmm6hbsx04zq25dtvsentrmekvjhj9tzs0fjcc2y05wgj5y0yvtv1fp0947bs5et55mwd3d553g4k8d8fy9xrr9a3ta0t09gsjpp68h8aajh1th86mpds2pwnh59z12cv4pzcyzvwhr7dqxv589n8xfmwhje9zbk2fjbvgmy9nyntp5gjgxam7ftrgbsqxtq7t0x09tcgb8ws1rrwmc2g9hz9pgeqb5c770mqjj6zckwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%26client%3Dca-pub-3064385439319244%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa22c82a2c19-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 1A6A 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:15:06 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2FCD 1 KB
749 B 10ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Jul 2021 11:56:19 GMT
expires: Sat, 10 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55535
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 1A6A 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 03:19:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A6A 123 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B0CE 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Jul 2022 03:20:21 GMT

GET
DATA 200
OK truncated
/ Frame AE34 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8b0f6d014a6aa8c6fddcbbbf72b5f76a9c2f4f2776675455f4e49727f8b5634

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6FD7
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGyBz3zuQzwWNo-Clxw0ujc&google_cver=1&google_push=AYg5qPK-1doefb8x3hbomrRxMNUDqAn7NUAMLpTThI34WlIGE0R2D8KQ5t...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-1doefb8x3hbomrRxMNUDqAn7NUAMLpTThI34WlIGE0R2D8KQ5tz_KqDAG26ieJ-S8TcTOL34yxVHM7_Bl2xdLQ7duZlSIQ&google_hm=6D3s...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-1doefb8x3hbomrRxMNUDqAn7NUAMLpTThI34WlIGE0R2D8KQ5tz_KqDAG26ieJ-S8TcTOL34yxVHM7_Bl2xdLQ7duZlSIQ&google_hm=6D3sjouUuaRS70fDGQB3CQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-1doefb8x3hbomrRxMNUDqAn7NUAMLpTThI34WlIGE0R2D8KQ5tz_KqDAG26ieJ-S8TcTOL34yxVHM7_Bl2xdLQ7duZlSIQ&google_hm=6D3sjouUuaRS70fDGQB3CQ
pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 6FD7 43 B
324 B 38ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENGSgNmnfAlg6maCEKB9hZM&google_push=AYg5qPLhmJnTXHJhMoElQwaTVwbw8KUBqWFcwj18N6fQ4xFnqcSspUr3ECkzRjo7bmDJ-9ne4Zi7pue6TVM2vB5CuO7wcJtV_O0e&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3170137852&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=322&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=VXUdv8GzS6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=325
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6FD7
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEC912GEHYkSIL5BHqRg4NkU&google_cver=1&google_push=AYg5qPK0z0SFoc8eDVDUUAe6orQuYK5lEnMb85MYH9EKy4byWloY011uj1ENq2xGFytngdYJLFG5RCXqNpyN4mRxGMGMkbfzy__HOA
https://rtb.openx.net/sync/dds?google_gid=CAESEC912GEHYkSIL5BHqRg4NkU&google_cver=1&google_push=AYg5qPK0z0SFoc8eDVDUUAe6orQuYK5lEnMb85MYH9EKy4byWloY011uj1ENq2xGFytngdYJLFG5RCXqNpyN4mRxGMGMkbfzy__HO...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK0z0SFoc8eDVDUUAe6orQuYK5lEnMb85MYH9EKy4byWloY011uj1ENq2xGFytngdYJLFG5RCXqNpyN4mRxGMGMkbfzy__HOA&google_hm=uTB1K3cmyfUUUNYxoGOpRA==

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK0z0SFoc8eDVDUUAe6orQuYK5lEnMb85MYH9EKy4byWloY011uj1ENq2xGFytngdYJLFG5RCXqNpyN4mRxGMGMkbfzy__HOA&google_hm=uTB1K3cmyfUUUNYxoGOpRA==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK0z0SFoc8eDVDUUAe6orQuYK5lEnMb85MYH9EKy4byWloY011uj1ENq2xGFytngdYJLFG5RCXqNpyN4mRxGMGMkbfzy__HOA&google_hm=uTB1K3cmyfUUUNYxoGOpRA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ikd4nk934irgmdq24fmvlclkmeqr4kcm

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6FD7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TFTAhjEWRr64FrYj3mKvKQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TFTAhjEWRr64FrYj3mKvKQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLJxju_oa3WgLFUQY-cx4rAt8e4a7byOARXWlRPlWIWFtKf7GIcIWPZG8IGQ3LZhvX-N1VIGQm3aZ1U1wQOCvVFLqsESaVrUg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TFTAhjEWRr64FrYj3mKvKQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLJxju_oa3WgLFUQY-cx4rAt8e4a7byOARXWlRPlWIWFtKf7GIcIWPZG8IGQ3LZhvX-N1VIGQm3aZ1U1wQOCvVFLqsESaVrUg
date: Sat, 10 Jul 2021 03:21:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6FD7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC-CcKcYiPybVeXtnoQkc4A&google_cver=1&google_push=AYg5qPJ4P6kKbuTHLnNcpJAeEUd8CsCkU0WgZ7daNyd3LAMsTX0D1xawzdfjBlOFyz5uUZtDVIq...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTV0stMVotQVVHWA==&google_push=AYg5qPJ4P6kKbuTHLnNcpJAeEUd8CsCkU0WgZ7daNyd3LAMsTX0D1xawzdfjBlOFyz5uUZtDVIqrJxu4-f6qJ5m_BcIMT3EeZX4mXA

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTV0stMVotQVVHWA==&google_push=AYg5qPJ4P6kKbuTHLnNcpJAeEUd8CsCkU0WgZ7daNyd3LAMsTX0D1xawzdfjBlOFyz5uUZtDVIqrJxu4-f6qJ5m_BcIMT3EeZX4mXA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTV0stMVotQVVHWA==&google_push=AYg5qPJ4P6kKbuTHLnNcpJAeEUd8CsCkU0WgZ7daNyd3LAMsTX0D1xawzdfjBlOFyz5uUZtDVIqrJxu4-f6qJ5m_BcIMT3EeZX4mXA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 6FD7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04I...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6FD7
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDjZm9uJgj9q7aiu5EovSsw&google_cver=1&google_push=AYg5qPJgulwRc5iXzI4U339w...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJgulwRc5iXzI4U339wfsQUrcRpTobAF717e7HmARFuHnoZXmrXFWrMW2WNqkZwWTrKQcM7DNLFpuvqv09BKwzmOHtoyWP_Z48&google_hm=

170 B
188 B

19ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJgulwRc5iXzI4U339wfsQUrcRpTobAF717e7HmARFuHnoZXmrXFWrMW2WNqkZwWTrKQcM7DNLFpuvqv09BKwzmOHtoyWP_Z48&google_hm=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJgulwRc5iXzI4U339wfsQUrcRpTobAF717e7HmARFuHnoZXmrXFWrMW2WNqkZwWTrKQcM7DNLFpuvqv09BKwzmOHtoyWP_Z48&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 09 Jul 2021 03:21:54 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 6FD7 0
12 B 25ms
20ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXcZrj-7AxDyVP5WXJ3-9Q58NDRGnOyZ87bOLkUuRq5apSB9YyuHkBhV8Fkjjc0HXfp5I7bA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A781 3 KB
4 KB 32ms
13ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2644932
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LDhk4hYhRDEnRixSDf4RYZMoMTExYy6IcWU%2FPPHPyH3W6nbF8xrHQRQSHOOWlHoHioXCHBbE5H%2FUudOIKcFtzzjIhDMTSjIaxF5kZAyoAtUUxqAghVpSCQWaWiyXpIf5djayseB9UaKvHV86GOw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 66c6aa231ac14ab0-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0564
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBZZ7rFN7iYzTbAS6p0W4A&google_cver=1&google_push=AYg5qPKzti4OdKW3cCghs3BPXPl_o2lFmc48w1tJprnWvmigZlMlfONkXu...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKzti4OdKW3cCghs3BPXPl_o2lFmc48w1tJprnWvmigZlMlfONkXuNZ6htW3jxNI2DfaOP5o9ajDb33ZQqYu9fshuyBSTCt&google_hm=6D3sjo...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKzti4OdKW3cCghs3BPXPl_o2lFmc48w1tJprnWvmigZlMlfONkXuNZ6htW3jxNI2DfaOP5o9ajDb33ZQqYu9fshuyBSTCt&google_hm=6D3sjouUuaRS70fDGQB3CQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKzti4OdKW3cCghs3BPXPl_o2lFmc48w1tJprnWvmigZlMlfONkXuNZ6htW3jxNI2DfaOP5o9ajDb33ZQqYu9fshuyBSTCt&google_hm=6D3sjouUuaRS70fDGQB3CQ
pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0564
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIOzjAS...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIOzjAS...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA4NTk5NDg3NTI1OA%3D%3D&google_push=AYg5qPIOzjAStUCsiMnbjzuHtAgz-yixffNIWbXNqYV9x9De90mqdk_K9AtqQGO3q9TmwG...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA4NTk5NDg3NTI1OA%3D%3D&google_push=AYg5qPIOzjAStUCsiMnbjzuHtAgz-yixffNIWbXNqYV9x9De90mqdk_K9AtqQGO3q9TmwG008G6yX8_RuXZNSC0cza7TtzTeJxQ3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA4NTk5NDg3NTI1OA%3D%3D&google_push=AYg5qPIOzjAStUCsiMnbjzuHtAgz-yixffNIWbXNqYV9x9De90mqdk_K9AtqQGO3q9TmwG008G6yX8_RuXZNSC0cza7TtzTeJxQ3
pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0564
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGPE_e2Epw3cayDRHdtwAgY&google_cver=1&google_push=AYg5qPKQpF6ctnOZwBybDAOhDI4wKGZkJuP7_HL6GDa7VyNVltwnK2Pcv3-lcTppM_BOmskv9QG0K3SwN3UQFvOsidhiTPAZNLyLWw
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKQpF6ctnOZwBybDAOhDI4wKGZkJuP7_HL6GDa7VyNVltwnK2Pcv3-lcTppM_BOmskv9QG0K3SwN3UQFvOsidhiTPAZNLyLWw&google_hm=4DpWzDk0xb82y4iy4AC9Uw==

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKQpF6ctnOZwBybDAOhDI4wKGZkJuP7_HL6GDa7VyNVltwnK2Pcv3-lcTppM_BOmskv9QG0K3SwN3UQFvOsidhiTPAZNLyLWw&google_hm=4DpWzDk0xb82y4iy4AC9Uw==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:53 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKQpF6ctnOZwBybDAOhDI4wKGZkJuP7_HL6GDa7VyNVltwnK2Pcv3-lcTppM_BOmskv9QG0K3SwN3UQFvOsidhiTPAZNLyLWw&google_hm=4DpWzDk0xb82y4iy4AC9Uw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 3spclmf0tjuenel32e5r2ilptaocsu35

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0564
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLYxTW403CJ8nbGg6GblUryOVhE9cwGE6_TleFx5ETeiIBnaOTGR8XCDLpK8OU1T_WlF-hSQ-pEqPBYUGp-Y0-vHxuyt41cxQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLYxTW403CJ8nbGg6GblUryOVhE9cwGE6_TleFx5ETeiIBnaOTGR8XCDLpK8OU1T_WlF-hSQ-pEqPBYUGp-Y0-vHxuyt41cxQ
date: Sat, 10 Jul 2021 03:21:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0564
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMZQz0uN0rja8sF8kJMS-zA&google_cver=1&google_push=AYg5qPJ3Mjq79AVDgXbfRnE4ZYbbjknaxwFT7c1by5I7Jk3eOYMzfvIAzEy0Sv6TL_b26d4hUtZ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTV1MtWS1HRkk0&google_push=AYg5qPJ3Mjq79AVDgXbfRnE4ZYbbjknaxwFT7c1by5I7Jk3eOYMzfvIAzEy0Sv6TL_b26d4hUtZE1AReWDaSpraow0ClbV29KDMYEw

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTV1MtWS1HRkk0&google_push=AYg5qPJ3Mjq79AVDgXbfRnE4ZYbbjknaxwFT7c1by5I7Jk3eOYMzfvIAzEy0Sv6TL_b26d4hUtZE1AReWDaSpraow0ClbV29KDMYEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTV1MtWS1HRkk0&google_push=AYg5qPJ3Mjq79AVDgXbfRnE4ZYbbjknaxwFT7c1by5I7Jk3eOYMzfvIAzEy0Sv6TL_b26d4hUtZE1AReWDaSpraow0ClbV29KDMYEw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 0564
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCM...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 0564 43 B
296 B 70ms
22ms Image
image/gif 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHY34pyQyVO_jRjeAVYevvg&google_cver=1&google_push=AYg5qPIiNI24NuCBeN3AGuCe9FAx0a1eK6QYncd8-4zh1B3jy9rcnTWB8DAx1qjda9A9Hi-WCAmFvCQT_Y70G7tpBBHbnIGYpTe2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 0564 0
12 B 16ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lzkb9OZP4A2f1aF61TYft6uKZY9hkTDZ1dFm_JGh4LlxuDCjVGxQPOpoccjweYVsD_IOoW

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=2468660611&adk=1884615438&adf=1119392575&pi=t.ma~as.2468660611&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313581&bpp=1&bdt=2876&idt=335&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=iBunmcbHn6&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame A98B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e4e37bb43251edf5529629ab7723dca4abd95cf647b1b982691bf8bc1582b13

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cidadesdomeubrasil.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cidadesdomeubrasil.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 66D5 58 KB
7 KB 15ms
14ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1g8h5c0r91bd3cdfghfddzpez12da6fcwtgv7mkjb6dz5fmgvswv8cgh78nkqh2gv18fzqe4820ry3qntmx5zb01wrrh2tqr57a0pst215bysjjw8dn6w7p5fvez14nkby3an2q2qcc948c8bpbq0vv4qw8rzgtn3197jrrawjdamyphew3346yw827nyq2b6kwkvhcfv97jtgcm2emdmzx59t3c7pw22vaqb5k35f7zmkzpk4a7x80xd2awvh6d0df92penapeyyx2h5wt3dfrdhnbh7g813jcgd72xkkvz2zmgwsprecmecd56pakwp959bmkmpmdyjnphmfdawd9cyd2g3p79wphq61602yk58480ar8swmpwcht2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1g8h5c0r91bd3cdfghfddzpez12da6fcwtgv7mkjb6dz5fmgvswv8cgh78nkqh2gv18fzqe4820ry3qntmx5zb01wrrh2tqr57a0pst215bysjjw8dn6w7p5fvez14nkby3an2q2qcc948c8bpbq0vv4qw8rzgtn3197jrrawjdamyphew3346yw827nyq2b6kwkvhcfv97jtgcm2emdmzx59t3c7pw22vaqb5k35f7zmkzpk4a7x80xd2awvh6d0df92penapeyyx2h5wt3dfrdhnbh7g813jcgd72xkkvz2zmgwsprecmecd56pakwp959bmkmpmdyjnphmfdawd9cyd2g3p79wphq61602yk58480ar8swmpwcht2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1010976
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WceuqOBow%2FkrTd2k6XrpUtm3Aj6VrQ9Tg0r5RjQoupH7NDqh4%2F3zpAbarKVyNXg%2B1Ccy7XlZkKu3lsc%2BIhbFmRYuzR%2BTWRvLtPFUUGK%2BFheqgrCEkRrlnJuSGh8idTU1"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 66c6aa2348b72c19-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 66D5 36 KB
12 KB 21ms
20ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1g8h5c0r91bd3cdfghfddzpez12da6fcwtgv7mkjb6dz5fmgvswv8cgh78nkqh2gv18fzqe4820ry3qntmx5zb01wrrh2tqr57a0pst215bysjjw8dn6w7p5fvez14nkby3an2q2qcc948c8bpbq0vv4qw8rzgtn3197jrrawjdamyphew3346yw827nyq2b6kwkvhcfv97jtgcm2emdmzx59t3c7pw22vaqb5k35f7zmkzpk4a7x80xd2awvh6d0df92penapeyyx2h5wt3dfrdhnbh7g813jcgd72xkkvz2zmgwsprecmecd56pakwp959bmkmpmdyjnphmfdawd9cyd2g3p79wphq61602yk58480ar8swmpwcht2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer: https://ad4m.at/ad/dr?ed=1g8h5c0r91bd3cdfghfddzpez12da6fcwtgv7mkjb6dz5fmgvswv8cgh78nkqh2gv18fzqe4820ry3qntmx5zb01wrrh2tqr57a0pst215bysjjw8dn6w7p5fvez14nkby3an2q2qcc948c8bpbq0vv4qw8rzgtn3197jrrawjdamyphew3346yw827nyq2b6kwkvhcfv97jtgcm2emdmzx59t3c7pw22vaqb5k35f7zmkzpk4a7x80xd2awvh6d0df92penapeyyx2h5wt3dfrdhnbh7g813jcgd72xkkvz2zmgwsprecmecd56pakwp959bmkmpmdyjnphmfdawd9cyd2g3p79wphq61602yk58480ar8swmpwcht2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 54760
x-guploader-uploadid: ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:08:33 GMT
server: cloudflare
etag: W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bErO42v0ZiTbm8ELfzVheAit%2BKgN55MqlDcB%2FWWZu2gLhOXORm7xhu%2F1vGvK3c8rkANyVwOyYOOF2e0ahx9bEfElLcI0gT6rZX2vqRjiEfqNqu%2Bn%2BDIMWTmh%2FOC%2FJNII"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672513020985
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11953
cf-ray: 66c6aa2348ba2c19-FRA
expires: Fri, 09 Jul 2021 12:09:14 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame F11C 2 KB
2 KB 14ms
14ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1hcqesd7mr9tf8d9qn3yxbc6pr55q5jf5edyzzds77e2db354xfnsgkcc3qk22q7vgf7w6hzz7jaaqyt406zn5rsx91hpn01xjrvr9q6bb7z4jg59t23cn019djrknr8v8c5wyy5c4820b11q5p7dh93ppmvvf9ba48vf1e0cs57m3j6fv9y5p1xzk7j9p619yf1y0z50yzr6kzhq4s7zam0cwxwc7ck3za6d1n4g3cv6s7bfe8ytwtbgz2wawyqf7nrndsp31ryc0dtz9q4kc97ajffg7fw9at80889jwksdckxn1safkv114f8aj1p61fy4vj2hprc3zgb01aa7a5qh1fk3wn0w3287kzchhdfg180kzpfhph0ypvam&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%26client%3Dca-pub-3064385439319244%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1hcqesd7mr9tf8d9qn3yxbc6pr55q5jf5edyzzds77e2db354xfnsgkcc3qk22q7vgf7w6hzz7jaaqyt406zn5rsx91hpn01xjrvr9q6bb7z4jg59t23cn019djrknr8v8c5wyy5c4820b11q5p7dh93ppmvvf9ba48vf1e0cs57m3j6fv9y5p1xzk7j9p619yf1y0z50yzr6kzhq4s7zam0cwxwc7ck3za6d1n4g3cv6s7bfe8ytwtbgz2wawyqf7nrndsp31ryc0dtz9q4kc97ajffg7fw9at80889jwksdckxn1safkv114f8aj1p61fy4vj2hprc3zgb01aa7a5qh1fk3wn0w3287kzchhdfg180kzpfhph0ypvam&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%26client%3Dca-pub-3064385439319244%26adurl%3D

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 10 Jul 2021 04:21:54 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1405557
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nli2rx5m7dSdr2DvMbYSanuSKTEZMPD3IF48aLDOoPzAkWZxx40E0ZKU1dFcFf2m04xwVEb11WViULE1c0OvFygxxLHaunRs2NXJXcP%2Fz2Q2hh1pzX%2BZwChlsEudyt47"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66c6aa2348bf2c19-FRA
content-encoding: br

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2141 3 KB
4 KB 39ms
38ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2644932
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sVGUvTv%2BP3jsTTVr79CBYC8IxwrDUzSv0bwwdnktAU2f%2FzWWBr%2Fo2YuD1oSeST5ms3Hu%2B4ymAuNkE%2FOF4I2jnnPhg%2FZZjbZEXCv0NZ1lQJibV1HdFTsp5pk3uNkNkkMrmGduaZwhHe0HZwO3jzs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 66c6aa239f6d4d8a-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8891 256 B
258 B 118ms
117ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=35f75449048a333ba0f7755bff9a33eb9a93a71b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
last-modified: Sat, 10 Jul 2021 03:21:54 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5296ee152c8add37286c20cba27ed37aaa87ba3e81d5fc9991c0319848082a6e
content-length: 176

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D2CC 3 KB
4 KB 12ms
12ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2644932
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oL2dM7yVklu8sHHwGN5Gh5JuL3WE%2FDgpc1RBnkT5hN1Uik8ajgG5qgHsu61qokirvFI%2FkkpHosV7Jaibjh4jnczKcWbBtv91K%2B3FIOUc%2FdqGqQSiazAnyJkCQiMxCGcu58wTJfGizcG0aMlDowI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 66c6aa239f6f4d8a-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
DATA 200
OK truncated
/ Frame 1A6A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c4dfeaffbdce7e5e0a6da60f69d9f8eb231a508eee8c2389b4f8bb6bc63e3c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame F1CB 2 KB
2 KB 15ms
14ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1j9escr7s46t7wyf3g3ywkhek8yst8hvw872szxnzb9yd0j48rbrax4zyv9mj4thx1bra7r26frc6rbjhq4vf5wpqhaf5zhkj54q3mswcftfdr5bkat72ya6t1nzecy7vx6zpnmdg5taxh4rdnm6hpemnmmpvd8jaafhz7pzs1dhhmaafa2529sqnr9gzbdyhmhzwac1ww2xgx2z05tztbhj5e3xqrd5cs6t4m1drz2y219m4t3kj8bts65rbawmy1b3mtb20yp1qkf8nb3e3ryyzntmkwpfxhg43847dep2qmn8q2gxd6rtzp7vef8bavx8afjbasezsycb5c7sbywd3mcdw4bz4w5a92ty1486saf440hm7mntraq18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%26client%3Dca-pub-3064385439319244%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1j9escr7s46t7wyf3g3ywkhek8yst8hvw872szxnzb9yd0j48rbrax4zyv9mj4thx1bra7r26frc6rbjhq4vf5wpqhaf5zhkj54q3mswcftfdr5bkat72ya6t1nzecy7vx6zpnmdg5taxh4rdnm6hpemnmmpvd8jaafhz7pzs1dhhmaafa2529sqnr9gzbdyhmhzwac1ww2xgx2z05tztbhj5e3xqrd5cs6t4m1drz2y219m4t3kj8bts65rbawmy1b3mtb20yp1qkf8nb3e3ryyzntmkwpfxhg43847dep2qmn8q2gxd6rtzp7vef8bavx8afjbasezsycb5c7sbywd3mcdw4bz4w5a92ty1486saf440hm7mntraq18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%26client%3Dca-pub-3064385439319244%26adurl%3D

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 10 Jul 2021 04:21:54 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1405557
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KB%2FSVqBZ%2FB8OgfRpKTvH%2BJ0lwDhkPW%2Fo%2BJf78s31BEeRf8p2gE3tixxUM4B89u8qq59ePGWODfap%2BUE%2BUbv7UP1OjLWnesr%2FEqGkJDhgdVHap4C6LTge6BEHMN52QHf8"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66c6aa23d9612c19-FRA
content-encoding: br

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AC90
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAmT5KUma21IedPm9AMU958&google_cver=1&google_push=AYg5qPLluEorXNcDk72EBf-R_TVvJUwoOuZ5anayJQux_tXs3Vf_52KGJk...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLluEorXNcDk72EBf-R_TVvJUwoOuZ5anayJQux_tXs3Vf_52KGJkt1_TACXj-vZsq-5GW_VUp4dy59xp2YvIpVtH-zuz5S&google_hm=6D3sjo...

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLluEorXNcDk72EBf-R_TVvJUwoOuZ5anayJQux_tXs3Vf_52KGJkt1_TACXj-vZsq-5GW_VUp4dy59xp2YvIpVtH-zuz5S&google_hm=6D3sjouUuaRS70fDGQB3CQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLluEorXNcDk72EBf-R_TVvJUwoOuZ5anayJQux_tXs3Vf_52KGJkt1_TACXj-vZsq-5GW_VUp4dy59xp2YvIpVtH-zuz5S&google_hm=6D3sjouUuaRS70fDGQB3CQ
pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AC90
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLmQ03wT_XA1hPlAjIrIe7xw4oRUKhIzAQf3r3kEOIkKpvUDEkAW7eQgsggZM_vASNC1xHffu2PBFeZ2246WKDD2EwfHNo3&google_gid=CAESECJ-u2rZ3X80jVvHHmwYRSk&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNKkpIcGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMbVEwM3dUX1hBMWhQbEFqSXJJZTd4dzRvUlVLaEl6QVFmM3Iza0VPSWtLcHZVREVrQVc3ZVFnc2dnWk1fdkFTTkMxeEhmZnUyUEJGZVoyMj...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWWlNYml1aWlSODRsME9jdDV2WVJVME8xSnh0T3NZZVJOck1RNmROSlRlRQ==&google_push

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWWlNYml1aWlSODRsME9jdDV2WVJVME8xSnh0T3NZZVJOck1RNmROSlRlRQ==&google_push

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWWlNYml1aWlSODRsME9jdDV2WVJVME8xSnh0T3NZZVJOck1RNmROSlRlRQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame AC90 43 B
106 B 17ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHu8yCQ2_vT_wMuI6wB8Nb0&google_push=AYg5qPL1lGqdYoY8Rbof4qV77stydIYfa3tdBvHpsTjp_0-22Uab4tL8EB9NKyOK5ZdAdZ5SNv8HG8eDev-HsVT4ykbHZRvWnkOb&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AC90
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEP6z-S21V-IFbllt93KORN0&google_cver=1&google_push=AYg5qPIumqI1VCndt7kqnEq-NwjVqEv9zmoTcJSSvxtyxIlFPuzZvEkRUrzpMy3i3EPNQ-j2BP99Twd_G0rKJ8ipgSBjKTE53F7X
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIumqI1VCndt7kqnEq-NwjVqEv9zmoTcJSSvxtyxIlFPuzZvEkRUrzpMy3i3EPNQ-j2BP99Twd_G0rKJ8ipgSBjKTE53F7X&google_hm=uTB1K3cmyfUUUNYxoGOpRA==

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIumqI1VCndt7kqnEq-NwjVqEv9zmoTcJSSvxtyxIlFPuzZvEkRUrzpMy3i3EPNQ-j2BP99Twd_G0rKJ8ipgSBjKTE53F7X&google_hm=uTB1K3cmyfUUUNYxoGOpRA==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:53 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIumqI1VCndt7kqnEq-NwjVqEv9zmoTcJSSvxtyxIlFPuzZvEkRUrzpMy3i3EPNQ-j2BP99Twd_G0rKJ8ipgSBjKTE53F7X&google_hm=uTB1K3cmyfUUUNYxoGOpRA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 3gc2tocj2kdalmmuivas4t9rlmmo2o6i

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AC90
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ3pDSDQ9R3bjJm60Fl_OuRPm13-9RGw4Zfic9ovVnu_UKQjfMHHENB9paLbg1egoWOuPnkafQohbem3cjY7pNZ9cmcogw1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ3pDSDQ9R3bjJm60Fl_OuRPm13-9RGw4Zfic9ovVnu_UKQjfMHHENB9paLbg1egoWOuPnkafQohbem3cjY7pNZ9cmcogw1
date: Sat, 10 Jul 2021 03:21:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AC90
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBq_MUOIID6VefjC_osg-Ec&google_cver=1&google_push=AYg5qPLu3wlmrGB1gh4jewZnf3MrREdwXdHvr471hV8KGiJ3d4OgbojKIi94vSkSRBBUz6Va2rw...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTWVktMTItSDQ0Qg==&google_push=AYg5qPLu3wlmrGB1gh4jewZnf3MrREdwXdHvr471hV8KGiJ3d4OgbojKIi94vSkSRBBUz6Va2rwb5-bxyiVZaMzlbrS0GokrDw

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTWVktMTItSDQ0Qg==&google_push=AYg5qPLu3wlmrGB1gh4jewZnf3MrREdwXdHvr471hV8KGiJ3d4OgbojKIi94vSkSRBBUz6Va2rwb5-bxyiVZaMzlbrS0GokrDw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JTWVktMTItSDQ0Qg==&google_push=AYg5qPLu3wlmrGB1gh4jewZnf3MrREdwXdHvr471hV8KGiJ3d4OgbojKIi94vSkSRBBUz6Va2rwb5-bxyiVZaMzlbrS0GokrDw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame AC90
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame AC90 0
12 B 15ms
14ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13InkYcD97-LGw_fnGWDvIidoQ2YV9fJhB2qyaurpS3q-p8007wk_mQeQYLO358CW1xAkCjp

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064385439319244&output=html&h=250&slotname=8477316213&adk=3134031134&adf=3305722975&pi=t.ma~as.8477316213&w=300&lmt=1625887313&psa=0&format=300x250&url=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625887313582&bpp=1&bdt=2877&idt=351&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1a20879f1f0cf33-2291e48668c90090%3AT%3D1625887313%3ART%3D1625887313%3AS%3DALNI_MZhawHM0fECSlvAGAPBkv-6uH8d4g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C920x200%2C940x200%2C300x250%2C300x250%2C300x250&nras=1&correlator=8214577081489&frm=20&pv=1&ga_vid=1755381569.1625887314&ga_sid=1625887314&ga_hid=2071803087&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972&oid=3&pvsid=1801608463871284&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=6&fsb=1&xpc=hPaNe1UPla&p=https%3A//www.cidadesdomeubrasil.com.br&dtd=357

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 1CDD 2 KB
2 KB 21ms
18ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1gtga6fe7w3ty1pe0j4ecvtaatrs4f7e17jwsxp2j5x0efr7hwbkp3ktazs7dqy13mbeya7k9y9vatjtehczmrvg7zck0mj5j8mskn5gvn4h0wsekfpx1bzfs6p6zygbh314fgr11t13jt59sndra8hpsbrd0n74bchjtv3jmw46qmthfmsmmmbesm0egfha03cn2xs21gpy0kwbjf8nv7fcmrt23xzdrkerzht6jypqpyp7g37ch5vbgnkjz30p29jhkdvc7ewa207ba8gb3k49wshbhajtk0tpd0jcjds3r9fx2thf4vpqq1rp5pf4mze2azbdbgc375fbq5sgr2bd8189ypggjkxcgn75g04ztkk9eg0yr5y4x6ytg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%26client%3Dca-pub-3064385439319244%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1gtga6fe7w3ty1pe0j4ecvtaatrs4f7e17jwsxp2j5x0efr7hwbkp3ktazs7dqy13mbeya7k9y9vatjtehczmrvg7zck0mj5j8mskn5gvn4h0wsekfpx1bzfs6p6zygbh314fgr11t13jt59sndra8hpsbrd0n74bchjtv3jmw46qmthfmsmmmbesm0egfha03cn2xs21gpy0kwbjf8nv7fcmrt23xzdrkerzht6jypqpyp7g37ch5vbgnkjz30p29jhkdvc7ewa207ba8gb3k49wshbhajtk0tpd0jcjds3r9fx2thf4vpqq1rp5pf4mze2azbdbgc375fbq5sgr2bd8189ypggjkxcgn75g04ztkk9eg0yr5y4x6ytg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%26client%3Dca-pub-3064385439319244%26adurl%3D

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 10 Jul 2021 04:21:54 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1405557
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2bNKdAhmxfpDTENenYbJePPs3JfkGJKoNHBim82ryT2D9VZE3HwFa5KKHb0s1l4%2FROrKx7LvNl9EsLCgy2Mlzy9YZeXqB0XjKCG0juDE1mWgk7iFSCpBlaV7WwxbS%2F0b"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66c6aa23f9a42c19-FRA
content-encoding: br

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame DFA2 58 KB
7 KB 14ms
13ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j983aqz7m2ds6vgg64wra5wydpq7ezrheh6gsh2c09zk2jaypgt74xccyyadgvqwgyx1hkanz5rxnygaqbdw1b8vw16z9km8wbzsr5s8mwttksgm4n3g3ah7szyzkafts8wv8fs2jeb8n4df44rmesy5cvhab4z186vqgfr2e8v6eqg0kzy7e49z4j86c08nfp236zn2v3rgh17s8ppt6ssmxw0zcb6bw2kcaqde44r7mfveza9f3ctkeres21y6vjkvznyecvzjggwbrjszze304rysbmefjrj57paz7dm2ebqhe1sy0ma3q80fvjpq3vwg657zp1mfsnrzh9bzq4xtwx3v2aamd4hax87erc6hxrsb4nby7b546j5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j983aqz7m2ds6vgg64wra5wydpq7ezrheh6gsh2c09zk2jaypgt74xccyyadgvqwgyx1hkanz5rxnygaqbdw1b8vw16z9km8wbzsr5s8mwttksgm4n3g3ah7szyzkafts8wv8fs2jeb8n4df44rmesy5cvhab4z186vqgfr2e8v6eqg0kzy7e49z4j86c08nfp236zn2v3rgh17s8ppt6ssmxw0zcb6bw2kcaqde44r7mfveza9f3ctkeres21y6vjkvznyecvzjggwbrjszze304rysbmefjrj57paz7dm2ebqhe1sy0ma3q80fvjpq3vwg657zp1mfsnrzh9bzq4xtwx3v2aamd4hax87erc6hxrsb4nby7b546j5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1010976
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wulMUnR0W2tJP25PVe3w3M2kmeTJAeP7EXnGHME1RBApbPWwN22QkWU3xY7aI8ofSal6lMEJvGnKzh4Hap3XNHwv%2BBsjr6LrVzoanu9bjTmhlnKmY6%2BhLUC6R15g3OR9"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 66c6aa23f9a62c19-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame DFA2 36 KB
12 KB 19ms
18ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j983aqz7m2ds6vgg64wra5wydpq7ezrheh6gsh2c09zk2jaypgt74xccyyadgvqwgyx1hkanz5rxnygaqbdw1b8vw16z9km8wbzsr5s8mwttksgm4n3g3ah7szyzkafts8wv8fs2jeb8n4df44rmesy5cvhab4z186vqgfr2e8v6eqg0kzy7e49z4j86c08nfp236zn2v3rgh17s8ppt6ssmxw0zcb6bw2kcaqde44r7mfveza9f3ctkeres21y6vjkvznyecvzjggwbrjszze304rysbmefjrj57paz7dm2ebqhe1sy0ma3q80fvjpq3vwg657zp1mfsnrzh9bzq4xtwx3v2aamd4hax87erc6hxrsb4nby7b546j5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j983aqz7m2ds6vgg64wra5wydpq7ezrheh6gsh2c09zk2jaypgt74xccyyadgvqwgyx1hkanz5rxnygaqbdw1b8vw16z9km8wbzsr5s8mwttksgm4n3g3ah7szyzkafts8wv8fs2jeb8n4df44rmesy5cvhab4z186vqgfr2e8v6eqg0kzy7e49z4j86c08nfp236zn2v3rgh17s8ppt6ssmxw0zcb6bw2kcaqde44r7mfveza9f3ctkeres21y6vjkvznyecvzjggwbrjszze304rysbmefjrj57paz7dm2ebqhe1sy0ma3q80fvjpq3vwg657zp1mfsnrzh9bzq4xtwx3v2aamd4hax87erc6hxrsb4nby7b546j5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 54760
x-guploader-uploadid: ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:08:33 GMT
server: cloudflare
etag: W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=v%2FG2oIETp2SMOhBrEO9pT2XvmK6df8g8OCOL8gD5WijPq3rqxwAV%2B9uEZnbS5lw%2BwRIIiCSRFRjueaen%2FTl17wZynEWA2XER8q%2BZ8fLEbyTN9vvjO950QfZBgNJlqXSn"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672513020985
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11953
cf-ray: 66c6aa23f9a72c19-FRA
expires: Fri, 09 Jul 2021 12:09:14 GMT

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 66D5 3 KB
4 KB 13ms
11ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2644932
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bREfjYEBXoURFtbXliWjXGb3nerBT2bLd5bgeTyFmLnTgolCF6r%2BBpOvxksFMANPF7KW1mpDRhT4WqZvrDB7zKqn55EyEMgy2UXfruwrEv8O8iUBZKJITY%2B9ohh0II8AgFrfXeG19OKFQgKg4M4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 66c6aa23ffe94d8a-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7C4A 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAjC518HKLuJgTYsVHHYDK8&google_cver=1&google_push=AYg5qPLv3Sbu9n2o2jt4Wyxh0PKwwCFx0OFRaSVAych6cnRvxrEh_g3WVIzukkbZ8c4OnItUnqLPqKN8FPXLMfnH4r3xA4gYIWf5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 7C4A 0
12 B 14ms
14ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbruukZwTSwDQE1Y7kiEna3QmT_zyY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame D872 58 KB
7 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1ksh4e91vg2y7647pp5za351ny33my3yv03gq5yk2232c3hvxj4s0je565bev9he19d34c20f7xxdmsss3gwnx8h4e1g9zv126gv0qmdmyv1smr8zwgb75hnmvcnbj7atzv4tjtfva7k99m0fmm6hbsx04zq25dtvsentrmekvjhj9tzs0fjcc2y05wgj5y0yvtv1fp0947bs5et55mwd3d553g4k8d8fy9xrr9a3ta0t09gsjpp68h8aajh1th86mpds2pwnh59z12cv4pzcyzvwhr7dqxv589n8xfmwhje9zbk2fjbvgmy9nyntp5gjgxam7ftrgbsqxtq7t0x09tcgb8ws1rrwmc2g9hz9pgeqb5c770mqjj6zckwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1ksh4e91vg2y7647pp5za351ny33my3yv03gq5yk2232c3hvxj4s0je565bev9he19d34c20f7xxdmsss3gwnx8h4e1g9zv126gv0qmdmyv1smr8zwgb75hnmvcnbj7atzv4tjtfva7k99m0fmm6hbsx04zq25dtvsentrmekvjhj9tzs0fjcc2y05wgj5y0yvtv1fp0947bs5et55mwd3d553g4k8d8fy9xrr9a3ta0t09gsjpp68h8aajh1th86mpds2pwnh59z12cv4pzcyzvwhr7dqxv589n8xfmwhje9zbk2fjbvgmy9nyntp5gjgxam7ftrgbsqxtq7t0x09tcgb8ws1rrwmc2g9hz9pgeqb5c770mqjj6zckwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1010976
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4NM2v%2BHi3PLk%2FFZP1BqhzoZlm9gY1s6gTkFM3FdOgCVEIueB9lVDuq1xOXF0wgVjIfFFxFnDMY%2FYYQ05VQSBujk%2Fw20E%2FB5ihhIjyzakisvbPRVr74TLn4MqBTjjV0RM"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 66c6aa2429cc2c19-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame D872 36 KB
12 KB 19ms
19ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1ksh4e91vg2y7647pp5za351ny33my3yv03gq5yk2232c3hvxj4s0je565bev9he19d34c20f7xxdmsss3gwnx8h4e1g9zv126gv0qmdmyv1smr8zwgb75hnmvcnbj7atzv4tjtfva7k99m0fmm6hbsx04zq25dtvsentrmekvjhj9tzs0fjcc2y05wgj5y0yvtv1fp0947bs5et55mwd3d553g4k8d8fy9xrr9a3ta0t09gsjpp68h8aajh1th86mpds2pwnh59z12cv4pzcyzvwhr7dqxv589n8xfmwhje9zbk2fjbvgmy9nyntp5gjgxam7ftrgbsqxtq7t0x09tcgb8ws1rrwmc2g9hz9pgeqb5c770mqjj6zckwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%26client%3Dca-pub-3064385439319244%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer: https://ad4m.at/ad/dr?ed=1ksh4e91vg2y7647pp5za351ny33my3yv03gq5yk2232c3hvxj4s0je565bev9he19d34c20f7xxdmsss3gwnx8h4e1g9zv126gv0qmdmyv1smr8zwgb75hnmvcnbj7atzv4tjtfva7k99m0fmm6hbsx04zq25dtvsentrmekvjhj9tzs0fjcc2y05wgj5y0yvtv1fp0947bs5et55mwd3d553g4k8d8fy9xrr9a3ta0t09gsjpp68h8aajh1th86mpds2pwnh59z12cv4pzcyzvwhr7dqxv589n8xfmwhje9zbk2fjbvgmy9nyntp5gjgxam7ftrgbsqxtq7t0x09tcgb8ws1rrwmc2g9hz9pgeqb5c770mqjj6zckwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 54760
x-guploader-uploadid: ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:08:33 GMT
server: cloudflare
etag: W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xHxvcWuTP0iDhfD%2BQnuxzvupr82ZZw8q3IxQpeqlFXREdfpmfyB9EoJN2PUuHwriTZ8AUGdr7wz7034d04r%2BXe7XVlM7QLyWgJfDfc8ITZtXFT0yttGCQCZydBK7nnd5"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672513020985
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11953
cf-ray: 66c6aa2429cd2c19-FRA
expires: Fri, 09 Jul 2021 12:09:14 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 703C 2 KB
2 KB 15ms
15ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1g8h5c0r91bd3cdfghfddzpez12da6fcwtgv7mkjb6dz5fmgvswv8cgh78nkqh2gv18fzqe4820ry3qntmx5zb01wrrh2tqr57a0pst215bysjjw8dn6w7p5fvez14nkby3an2q2qcc948c8bpbq0vv4qw8rzgtn3197jrrawjdamyphew3346yw827nyq2b6kwkvhcfv97jtgcm2emdmzx59t3c7pw22vaqb5k35f7zmkzpk4a7x80xd2awvh6d0df92penapeyyx2h5wt3dfrdhnbh7g813jcgd72xkkvz2zmgwsprecmecd56pakwp959bmkmpmdyjnphmfdawd9cyd2g3p79wphq61602yk58480ar8swmpwcht2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%26client%3Dca-pub-3064385439319244%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1g8h5c0r91bd3cdfghfddzpez12da6fcwtgv7mkjb6dz5fmgvswv8cgh78nkqh2gv18fzqe4820ry3qntmx5zb01wrrh2tqr57a0pst215bysjjw8dn6w7p5fvez14nkby3an2q2qcc948c8bpbq0vv4qw8rzgtn3197jrrawjdamyphew3346yw827nyq2b6kwkvhcfv97jtgcm2emdmzx59t3c7pw22vaqb5k35f7zmkzpk4a7x80xd2awvh6d0df92penapeyyx2h5wt3dfrdhnbh7g813jcgd72xkkvz2zmgwsprecmecd56pakwp959bmkmpmdyjnphmfdawd9cyd2g3p79wphq61602yk58480ar8swmpwcht2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%26client%3Dca-pub-3064385439319244%26adurl%3D

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 10 Jul 2021 04:21:54 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1405557
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H517BhZtYVrS%2FxMG%2Bj5YgF9jepzVNqknzP52eNV3EVjNLuJuduW6SeTVxwoOw87g9TSR0x5py9x7jYVBjOgIroPMOmQp2qZmNKlBtLy37xofp67t7zQ2yHkMQJ5g3s5U"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66c6aa2429d12c19-FRA
content-encoding: br

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 937 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c69e528427c8218cb4bc5fe647db3366146403d53593a3f96482479a14eca234

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2FCD
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBZZ7rFN7iYzTbAS6p0W4A&google_cver=1&google_push=AYg5qPI_hucUOv13ekUu8Jj438KvKiIrSZwWgqWByNdgwmYdjQE4ra-dGD...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI_hucUOv13ekUu8Jj438KvKiIrSZwWgqWByNdgwmYdjQE4ra-dGDF1YRgKer8dx2exfjacPLvZrViNtql2lTVJmeWsW7EC&google_hm=6D3sjo...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI_hucUOv13ekUu8Jj438KvKiIrSZwWgqWByNdgwmYdjQE4ra-dGDF1YRgKer8dx2exfjacPLvZrViNtql2lTVJmeWsW7EC&google_hm=6D3sjouUuaRS70fDGQB3CQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI_hucUOv13ekUu8Jj438KvKiIrSZwWgqWByNdgwmYdjQE4ra-dGDF1YRgKer8dx2exfjacPLvZrViNtql2lTVJmeWsW7EC&google_hm=6D3sjouUuaRS70fDGQB3CQ
pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2FCD
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIjFn5zJu7Z3qh26-wIDZLESsu2_ReWETaCdKH...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9rU1VnQUFBUmtqY0RoRg&google_push=AYg5qPIjFn5zJu7Z3qh26-wIDZLESsu2_ReWETaCdKH8rD1lA_R_nW9Y1GHluxeBiodkBCLMWPGirH9Rpo6o3_yB7BOveKeiYL4

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9rU1VnQUFBUmtqY0RoRg&google_push=AYg5qPIjFn5zJu7Z3qh26-wIDZLESsu2_ReWETaCdKH8rD1lA_R_nW9Y1GHluxeBiodkBCLMWPGirH9Rpo6o3_yB7BOveKeiYL4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9rU1VnQUFBUmtqY0RoRg&google_push=AYg5qPIjFn5zJu7Z3qh26-wIDZLESsu2_ReWETaCdKH8rD1lA_R_nW9Y1GHluxeBiodkBCLMWPGirH9Rpo6o3_yB7BOveKeiYL4
Date: Sat, 10 Jul 2021 03:21:54 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2FCD
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIKwWNt...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA1MzA4NDI1NzQ4OQ%3D%3D&google_push=AYg5qPIKwWNtZM6lxikfv5QkiTeA7Xyjjy2q_Oy3BYtfOEyaGWFD_460I0J5mbHSK1JuK4...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA1MzA4NDI1NzQ4OQ%3D%3D&google_push=AYg5qPIKwWNtZM6lxikfv5QkiTeA7Xyjjy2q_Oy3BYtfOEyaGWFD_460I0J5mbHSK1JuK4mDmHLqNgRpwq7Eae-Dv1eOIIJf1PxD

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMzIxNTQwMDA1MzA4NDI1NzQ4OQ%3D%3D&google_push=AYg5qPIKwWNtZM6lxikfv5QkiTeA7Xyjjy2q_Oy3BYtfOEyaGWFD_460I0J5mbHSK1JuK4mDmHLqNgRpwq7Eae-Dv1eOIIJf1PxD
pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2FCD
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKQbu7aWKYc5Y2xrsl_mYhfNHxt6MstfhzvnkN9s0Ma44QcbiEAZdPJ8u6Z3hoDpdYfBNgCwoAnRkYN9jxwFhwbWznHWFE

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YOoQfDUKTvO4ZOriv7qi-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKQbu7aWKYc5Y2xrsl_mYhfNHxt6MstfhzvnkN9s0Ma44QcbiEAZdPJ8u6Z3hoDpdYfBNgCwoAnRkYN9jxwFhwbWznHWFE
date: Sat, 10 Jul 2021 03:21:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2FCD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMZQz0uN0rja8sF8kJMS-zA&google_cver=1&google_push=AYg5qPJF0u1nK6QnzC8UIOzVEmBvjUZzrrNWiYLxNaOLvb4g0FMJpf2mKqFim3CgxEJ4gLO4RYA...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JUMUItVy1BNzk3&google_push=AYg5qPJF0u1nK6QnzC8UIOzVEmBvjUZzrrNWiYLxNaOLvb4g0FMJpf2mKqFim3CgxEJ4gLO4RYAQgiiD1yg2IF-6LQdi78GwBa-x

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JUMUItVy1BNzk3&google_push=AYg5qPJF0u1nK6QnzC8UIOzVEmBvjUZzrrNWiYLxNaOLvb4g0FMJpf2mKqFim3CgxEJ4gLO4RYAQgiiD1yg2IF-6LQdi78GwBa-x

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYN0JUMUItVy1BNzk3&google_push=AYg5qPJF0u1nK6QnzC8UIOzVEmBvjUZzrrNWiYLxNaOLvb4g0FMJpf2mKqFim3CgxEJ4gLO4RYAQgiiD1yg2IF-6LQdi78GwBa-x
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2FCD
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHY34pyQyVO_jRjeAVYevvg&google_cver=1&google_push=AYg5qPK7PA1Xzhc5NzJFek6iUR7HQ1opmtKUamdS9rGA1hSL6mv2CT54ln0bUTOB_xbaG7VDlnfBMCt9Ww8_SG_xpVnaAam...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPK7PA1Xzhc5NzJFek6iUR7HQ1opmtKUamdS9rGA1hSL6mv2CT54ln0bUTOB_xbaG7VDlnfBMCt9Ww8_SG_xpVnaAamtuXpK&google_hm=gH_lac4lS_m1so6K...

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPK7PA1Xzhc5NzJFek6iUR7HQ1opmtKUamdS9rGA1hSL6mv2CT54ln0bUTOB_xbaG7VDlnfBMCt9Ww8_SG_xpVnaAamtuXpK&google_hm=gH_lac4lS_m1so6KLKggFw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPK7PA1Xzhc5NzJFek6iUR7HQ1opmtKUamdS9rGA1hSL6mv2CT54ln0bUTOB_xbaG7VDlnfBMCt9Ww8_SG_xpVnaAamtuXpK&google_hm=gH_lac4lS_m1so6KLKggFw
pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2FCD
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDFSkHEkbgikWJf7v83B33Y&google_cver=1&google_push=AYg5qPJeZzxp8-vYiAyt8_6X...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJeZzxp8-vYiAyt8_6X7KElhnZvLL3M8lb3sMyBOeRHc7ILTCGiEdDiv6YKGVJerKkGitKnGu0_hVCMaSQr56XigZ5JGMhNkQ&google_hm=

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJeZzxp8-vYiAyt8_6X7KElhnZvLL3M8lb3sMyBOeRHc7ILTCGiEdDiv6YKGVJerKkGitKnGu0_hVCMaSQr56XigZ5JGMhNkQ&google_hm=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJeZzxp8-vYiAyt8_6X7KElhnZvLL3M8lb3sMyBOeRHc7ILTCGiEdDiv6YKGVJerKkGitKnGu0_hVCMaSQr56XigZ5JGMhNkQ&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 09 Jul 2021 03:21:54 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 2FCD 0
12 B 15ms
14ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J3VqIe8-oJXsIIrFgJ7TdI3kKoK9IXaRgp0G51ryoQt7JjhNNuu37sox7Bsw5HvF14wvruJA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DFA2 3 KB
4 KB 19ms
19ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2644932
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CJ%2F3VxA05bTYLcAeGR%2BvUffjSwp4ZhAY7dHvR8xJWmyeRuu1EgW7IgTFqIUg6SoP%2BsxCBeYTmmvM78QnGQxgtWv1i6fl1GGAZpFGhNch6XIdBzDUgfmUzl9sBd2C2LmE%2BvH1M59c1d6NhFJpRtY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 66c6aa24685b4d8a-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D872 3 KB
4 KB 12ms
12ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2644932
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UGFx%2BB1AfRvg%2BEkHIF5a8A%2FaCYfR0%2FYGZfPpEDaAFMQz%2FXwuEJLbO5VAW%2BJJifGLmOS13ODFhZNYxnlbAsRAa2vxmq8D5mPN1M8Nxowx9QQT%2FTAguAgtsAuxkJnKqfnu%2BRuZpI1I7EObqBxcU0A%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 66c6aa2478784d8a-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame C418 2 KB
2 KB 14ms
13ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1j983aqz7m2ds6vgg64wra5wydpq7ezrheh6gsh2c09zk2jaypgt74xccyyadgvqwgyx1hkanz5rxnygaqbdw1b8vw16z9km8wbzsr5s8mwttksgm4n3g3ah7szyzkafts8wv8fs2jeb8n4df44rmesy5cvhab4z186vqgfr2e8v6eqg0kzy7e49z4j86c08nfp236zn2v3rgh17s8ppt6ssmxw0zcb6bw2kcaqde44r7mfveza9f3ctkeres21y6vjkvznyecvzjggwbrjszze304rysbmefjrj57paz7dm2ebqhe1sy0ma3q80fvjpq3vwg657zp1mfsnrzh9bzq4xtwx3v2aamd4hax87erc6hxrsb4nby7b546j5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%26client%3Dca-pub-3064385439319244%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1j983aqz7m2ds6vgg64wra5wydpq7ezrheh6gsh2c09zk2jaypgt74xccyyadgvqwgyx1hkanz5rxnygaqbdw1b8vw16z9km8wbzsr5s8mwttksgm4n3g3ah7szyzkafts8wv8fs2jeb8n4df44rmesy5cvhab4z186vqgfr2e8v6eqg0kzy7e49z4j86c08nfp236zn2v3rgh17s8ppt6ssmxw0zcb6bw2kcaqde44r7mfveza9f3ctkeres21y6vjkvznyecvzjggwbrjszze304rysbmefjrj57paz7dm2ebqhe1sy0ma3q80fvjpq3vwg657zp1mfsnrzh9bzq4xtwx3v2aamd4hax87erc6hxrsb4nby7b546j5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%26client%3Dca-pub-3064385439319244%26adurl%3D

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 10 Jul 2021 04:21:54 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1405557
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3fLnQTEigbual34ffWdFExNuuvzEAcJhkfZY8eZkCq%2FPy5PwBusk2SuG7HKG6%2BMKDFAdRHpUhgpo2kR%2FHVmZS4B9pcwawxvQgkATIlm8puz1s9nxI8OpmeF600QEH%2BD7"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66c6aa248a342c19-FRA
content-encoding: br

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame DE24 2 KB
2 KB 16ms
15ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1ksh4e91vg2y7647pp5za351ny33my3yv03gq5yk2232c3hvxj4s0je565bev9he19d34c20f7xxdmsss3gwnx8h4e1g9zv126gv0qmdmyv1smr8zwgb75hnmvcnbj7atzv4tjtfva7k99m0fmm6hbsx04zq25dtvsentrmekvjhj9tzs0fjcc2y05wgj5y0yvtv1fp0947bs5et55mwd3d553g4k8d8fy9xrr9a3ta0t09gsjpp68h8aajh1th86mpds2pwnh59z12cv4pzcyzvwhr7dqxv589n8xfmwhje9zbk2fjbvgmy9nyntp5gjgxam7ftrgbsqxtq7t0x09tcgb8ws1rrwmc2g9hz9pgeqb5c770mqjj6zckwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%26client%3Dca-pub-3064385439319244%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1ksh4e91vg2y7647pp5za351ny33my3yv03gq5yk2232c3hvxj4s0je565bev9he19d34c20f7xxdmsss3gwnx8h4e1g9zv126gv0qmdmyv1smr8zwgb75hnmvcnbj7atzv4tjtfva7k99m0fmm6hbsx04zq25dtvsentrmekvjhj9tzs0fjcc2y05wgj5y0yvtv1fp0947bs5et55mwd3d553g4k8d8fy9xrr9a3ta0t09gsjpp68h8aajh1th86mpds2pwnh59z12cv4pzcyzvwhr7dqxv589n8xfmwhje9zbk2fjbvgmy9nyntp5gjgxam7ftrgbsqxtq7t0x09tcgb8ws1rrwmc2g9hz9pgeqb5c770mqjj6zckwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%26client%3Dca-pub-3064385439319244%26adurl%3D

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 10 Jul 2021 04:21:54 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1405557
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lpf6qir8HaJ%2FHcDSEbEHyiHdQDtbL600M5DGxjGcsHSh3kdD3vJCTs%2FjdyFvdOvIgKQpBiJmoig5aBtmQ2x44bRE8cn%2FKURXZMUaJMJYygb0Y7UxrEuJGh5bQdyYdjK%2F"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66c6aa248a3c2c19-FRA
content-encoding: br

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 03:21:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67BA)
Age: 712420
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7K1FEGD034

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/ads2732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4a286dd7fcaba0afc93221067a05dbafed6bcd77e11dba1c4edab0e66a94220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49241
x-xss-protection: 0
expires: Sat, 10 Jul 2021 03:21:54 GMT

POST
H3-29 200 rs Show response
ad4m.at/ Frame A781 1 KB
2 KB 24ms
24ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 156213b0372262eade37f97b75f746d33082a716992b7be5510a9a0905b6c5d2

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hcqesd7mr9tf8d9qn3yxbc6pr55q5jf5edyzzds77e2db354xfnsgkcc3qk22q7vgf7w6hzz7jaaqyt406zn5rsx91hpn01xjrvr9q6bb7z4jg59t23cn019djrknr8v8c5wyy5c4820b11q5p7dh93ppmvvf9ba48vf1e0cs57m3j6fv9y5p1xzk7j9p619yf1y0z50yzr6kzhq4s7zam0cwxwc7ck3za6d1n4g3cv6s7bfe8ytwtbgz2wawyqf7nrndsp31ryc0dtz9q4kc97ajffg7fw9at80889jwksdckxn1safkv114f8aj1p61fy4vj2hprc3zgb01aa7a5qh1fk3wn0w3287kzchhdfg180kzpfhph0ypvam&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 66c6aa24ca762c19-FRA
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3LLbWe39Blu6zdXTE%2F6t9g30SsT57BAT9y7vTPpp%2BmzIWZzCGALxkF9x%2BqBxyPMwmIsfOXezc%2BuYgIqqs0cfS%2BT8FclAavzVre5PN95SkjYF1z1Gfl23x2YlDBcGVHI2"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

POST
H3-29 200 rs Show response
ad4m.at/ Frame 2141 1 KB
2 KB 36ms
36ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d35beef7565880725cd855c589f94ada193e28a77c03091ceff35693d371301c

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j9escr7s46t7wyf3g3ywkhek8yst8hvw872szxnzb9yd0j48rbrax4zyv9mj4thx1bra7r26frc6rbjhq4vf5wpqhaf5zhkj54q3mswcftfdr5bkat72ya6t1nzecy7vx6zpnmdg5taxh4rdnm6hpemnmmpvd8jaafhz7pzs1dhhmaafa2529sqnr9gzbdyhmhzwac1ww2xgx2z05tztbhj5e3xqrd5cs6t4m1drz2y219m4t3kj8bts65rbawmy1b3mtb20yp1qkf8nb3e3ryyzntmkwpfxhg43847dep2qmn8q2gxd6rtzp7vef8bavx8afjbasezsycb5c7sbywd3mcdw4bz4w5a92ty1486saf440hm7mntraq18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 66c6aa24da872c19-FRA
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ufVJf5kK5fx3YRcwJmP4ZGRtwRlp5Wiimtex22hBV5711h%2Bs4ElMf9NQaTaiL45wJ33yJqpL2ggHb4FqNtvYihONrNbjhnUGkgFJrwMq%2B%2FqNaIrwBxswrqXCnljb6atN"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

GET
H/1.1 200
OK tweet_button.06c6ee58c3810956b7509218508c7b56.pt.html Show response
platform.twitter.com/widgets/ Frame 6A8C 33 KB
13 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.pt.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 0de4efab6acbe4500fed3d95a030a7476dc74ebb489e4fe98f134f3b2d22c1ca

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cidadesdomeubrasil.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 712410
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 10 Jul 2021 03:21:54 GMT
Etag: "d228b3a7b5f221e29df8a6f2e9333eb3+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12500

GET
H/1.1 200
OK tweet_button.06c6ee58c3810956b7509218508c7b56.pt.html Show response
platform.twitter.com/widgets/ Frame 636B 33 KB
13 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.pt.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 0de4efab6acbe4500fed3d95a030a7476dc74ebb489e4fe98f134f3b2d22c1ca

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cidadesdomeubrasil.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cidadesdomeubrasil.com.br/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 712412
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 10 Jul 2021 03:21:54 GMT
Etag: "d228b3a7b5f221e29df8a6f2e9333eb3+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67A8)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12500

POST
H3-29 200 rs Show response
ad4m.at/ Frame D2CC 1 KB
2 KB 35ms
34ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d4f2661929f711ef9c750769581e09eb846559685aece2f7ae9d6ea6314508f

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gtga6fe7w3ty1pe0j4ecvtaatrs4f7e17jwsxp2j5x0efr7hwbkp3ktazs7dqy13mbeya7k9y9vatjtehczmrvg7zck0mj5j8mskn5gvn4h0wsekfpx1bzfs6p6zygbh314fgr11t13jt59sndra8hpsbrd0n74bchjtv3jmw46qmthfmsmmmbesm0egfha03cn2xs21gpy0kwbjf8nv7fcmrt23xzdrkerzht6jypqpyp7g37ch5vbgnkjz30p29jhkdvc7ewa207ba8gb3k49wshbhajtk0tpd0jcjds3r9fx2thf4vpqq1rp5pf4mze2azbdbgc375fbq5sgr2bd8189ypggjkxcgn75g04ztkk9eg0yr5y4x6ytg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 66c6aa24ea992c19-FRA
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vIwP6m79CrSTwY8bAA6H4kNVbCS8TDAswY1iP%2F6xmMLf1pGNp3uP1Z%2BOPRve%2FWK7ub1ZTndlabxHnCh827JG0wRefctiajaq7oMJkBDwTD0%2BD%2BXFvcrUk4cHUNKPfs%2BJ"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

POST
H3-29 200 rs Show response
ad4m.at/ Frame 66D5 1 KB
2 KB 55ms
55ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba81575d1851b2329568f5c45eb680a78779c551510c6a41cf469b840b30a0e1

Request headers

Referer: https://ad4m.at/ad/dr?ed=1g8h5c0r91bd3cdfghfddzpez12da6fcwtgv7mkjb6dz5fmgvswv8cgh78nkqh2gv18fzqe4820ry3qntmx5zb01wrrh2tqr57a0pst215bysjjw8dn6w7p5fvez14nkby3an2q2qcc948c8bpbq0vv4qw8rzgtn3197jrrawjdamyphew3346yw827nyq2b6kwkvhcfv97jtgcm2emdmzx59t3c7pw22vaqb5k35f7zmkzpk4a7x80xd2awvh6d0df92penapeyyx2h5wt3dfrdhnbh7g813jcgd72xkkvz2zmgwsprecmecd56pakwp959bmkmpmdyjnphmfdawd9cyd2g3p79wphq61602yk58480ar8swmpwcht2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 66c6aa24faa32c19-FRA
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B1m%2BEny%2FMxrNip7mRbwWtUOLjKvZzwW9uHiLMTjo%2Bh7tLkHCh60h%2FWxSn13tPBIT8QU%2F%2BqVbYLYmAy0KuB0UPPfc2l17gb5Ovfdt9ZBNVfTKin8JsCtsqqqn4legZFbx"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 50A3 10 KB
4 KB 19ms
18ms Document
text/html 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3147bfcdd9a4bea44229731b57d9c817653e18689148ecfdd3731d5ac90c4e2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa24fc574e80-FRA
content-encoding: br

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame 649C 11 KB
4 KB 19ms
18ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c98f6757ff5ec7a52324f1a5d79df9318dec6930814dd1c94da07f251e26081f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa252ac72c19-FRA
content-encoding: br

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-181670863-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-66877063-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b617223941d8f01293957124226dbfef7c815b1b5674222831d06383c56469c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36899
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Jul 2021 03:21:54 GMT

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame FEC4 11 KB
4 KB 19ms
18ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df699f56dab941fd9fbdeb804e143712e93ef190ea756bb4bdea8bdbc869c6bb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa253ad82c19-FRA
content-encoding: br

GET
DATA 200
OK truncated
/ Frame 6A8C 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 636B 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 35 Show response
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/ Frame 9AB6 170 B
787 B 270ms
270ms XHR
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/35

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/2.519f1a0a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-233-92-4.sa-east-1.compute.amazonaws.com

Software

Resource Hash

1279eb714b0bdb2a1a04fa682d01af64f0f06859c25a0ba44142d82879ead0e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.confidencecambio.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
auth: $2y$12$M4fgZx/W7r9yRWtkqZ7yx.cBlfZjRgvGzVmwOXrUEBiA8BMCn88Bq

Response headers

date: Sat, 10 Jul 2021 03:21:55 GMT
x-content-type-options: nosniff
x-amzn-remapped-content-length: 170
x-amzn-remapped-date: Sat, 10 Jul 2021 03:21:54 GMT
x-amzn-requestid: cc800363-1112-487b-a362-029513642884
x-amz-apigw-id: CO_NAHJ7GjQFpbQ=
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
access-control-max-age: 3600
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: *
x-amzn-remapped-server
x-amzn-remapped-connection: close
expires: 0

OPTIONS
H2 200 35
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/ Frame 0
0 206ms
206ms Preflight
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/35
Protocol: H2
Server: 54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-233-92-4.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth
Origin: https://www.confidencecambio.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 980f4406-69f2-4fa7-a445-ccd9c670bbe4
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,auth,agent-id
x-amz-apigw-id: CO_M-HY7mjQFvGg=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-expose-headers: agent-id

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame D983 11 KB
4 KB 24ms
24ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3403b31ac01828040b94fce94376d468f5e792f049fd14c343aebb59666d05

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa258b362c19-FRA
content-encoding: br

POST
H3-29 200 rs Show response
ad4m.at/ Frame DFA2 1 KB
2 KB 35ms
35ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84ba4448da399ff7fec6460be55426bc6fe6b5b9511da3eb4d049dd4f98723eb

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j983aqz7m2ds6vgg64wra5wydpq7ezrheh6gsh2c09zk2jaypgt74xccyyadgvqwgyx1hkanz5rxnygaqbdw1b8vw16z9km8wbzsr5s8mwttksgm4n3g3ah7szyzkafts8wv8fs2jeb8n4df44rmesy5cvhab4z186vqgfr2e8v6eqg0kzy7e49z4j86c08nfp236zn2v3rgh17s8ppt6ssmxw0zcb6bw2kcaqde44r7mfveza9f3ctkeres21y6vjkvznyecvzjggwbrjszze304rysbmefjrj57paz7dm2ebqhe1sy0ma3q80fvjpq3vwg657zp1mfsnrzh9bzq4xtwx3v2aamd4hax87erc6hxrsb4nby7b546j5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 66c6aa258b3d2c19-FRA
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=As90En3UxHrAzYh9UuSZxkTjRoQLcmqKo4gGupaPl8lUFNa1AGgMiNkEtHksbPD%2BYnnsNTopPRM8Aaaigx424Ny3D4Iujgt0JD8MPTIrRy3rK8zPI0jQa44FDSVmGtDN"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210701&jk=1801608463871284&bg=!tbaltvLNAAbV4AdB1eA7ACkAdvg8WmVDrt3GkV2ss-NV_f2-FS4i6GLP6BtjmITo2Ar737tU_eSE1wIAAACqUgAAABxoAQcKACYgSAwzbpZzlF3eMDUD9RrJVvP1TmaK4QHvbj59HWZM39PAfaaye5kCh3W39YEbjjaKx3BZx5h5h1vWVvOkYqpW2NIa4g1E7u6XljyiffGeU45tY-8W8jS11o-LAd19c7kOCNNoqhFNHrHS2B1Q0PzYXDQNWHEL5SX79qbNPP-5MRluPEVXEvrCeSYdU8sk-v6RI-mJiXdSha7ks9MTMMtESC_ARJsGmp8dyfp6HONS-loQCsWlZWym-TqiKctGVFD-HU_dHMO4d_LbGWim9OvOXofnwzlGjGa42LuV7B53ILWc5ue9WSIt49Q8sobSjaGMX0IaNrX8ndpArxeUD74rL2d-t9jBL7u_KPv9COGrfl8oZs0Yw4-yrxoIPZd0aCA4FPpXsSqLDr9U3jiMjXK9OiILLXSq9WGsNiviNZh6qNX4HHRimOpbO_yTYaLYOJzLOIxDb2GzI2oMskv672WuPMKjAJVKbqshZN_yCuAs_lpD0orzeWD7p1RtsiTWsoowQI2bZtDzzrOJiFabohK8OUn8jLiWBNzNOV11m7FaykOFvsLI5IvESW9Tlrfrexg8IHG9Pr_9wOyAmi3bJkslh80N33_kqYaM-Y3AJuF0AJFJbgbPMwNO2zdmkIwaHBb924FbroqxXz7vWZ0Sb6fPFVVmKHzqqZtmkXWHWUwkqxj1S9hdhBdCSwJ5OvxMTFyOzF5xYFIGiT9UsZH6F-Vd0-rM4aPUqG2zga-Ah0tA7AIaqlla4dbZ5WaHOYbL1gR8QcSmUMLZDaF8Ep1fZdSEcTOhQaW3gboGziTmv86_y9X9EC0-wiul0sub0FPW5kxHOG1cj1JH02rdHFpNAeUl6D6cUx3s2b69TFlN902fZry438eADTsoY8iJ4OCNzNA4JufVRmzQiorvw6Si-2Xk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 50A3 64 KB
7 KB 16ms
15ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1016253
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 66c6aa25ab552c19-FRA
expires: Sat, 10 Jul 2021 04:21:54 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 50A3 18 KB
19 KB 21ms
20ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643840
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwOGp5bgSvwEzU_da1b77w9WducnNtAstYqvxSKIr83PnCr9Z1OUEVynQSlskeHgfZHvWTiqDm_G4ijz27hD2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Z12ryJO7H%2BxTYnxwRd4s5kZq287%2FrEX9EZVoF%2BNzDazop%2BKV7bFvPsLD6C6a%2BV2wNM63mqlGMlzZphdsn7rTyxfNbxXTYzAOag6Mt9p42LeSmVZhlUHz0pl%2FHjtafTBVW%2BWI8ZXNIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 66c6aa25ad274e80-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame 50A3 300 KB
301 KB 27ms
21ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292515
cf-polished: origFmt=png, origSize=594083
x-guploader-uploadid: ADPycdvWJ381jsUt3c2bnyOhsBN8eT56nGWU8guSKptbqewJ7lWXtv7hCFpR_BhaOadTH3GNJmU2b2YxIsOfzxtQN1GTJaUo4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 307160
last-modified: Tue, 22 Jun 2021 13:51:23 GMT
server: cloudflare
etag: "9a0a002558a36452340ebf683fe225d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KU1kREyANsRk6zW7F8r8Ys238J5SgkMlfmllKpVrERmQXRdQkY%2FbVI8eTE9Wn9%2BCnfvpUAfUWCVsGwG34n7io3%2FwL7b4D6bAOMDpmm37aEy84ASMwuSS5bkcawNcPlnimHJtPPBufA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624369883413081
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 594083
accept-ranges: bytes
cf-ray: 66c6aa25bd334e80-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 50A3 43 B
704 B 66ms
23ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:54 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 50A3 38 KB
39 KB 30ms
25ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 290988
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6LkLrxWftlX2pYt%2FplLhxGAahcNtYcDlVZ9PGkR3DCbeRudr3DxdnVFyleDW8cKSaoMMuGG3zTYbiw6h9Z5%2Bj7iUWh6jA5M6DctgJrUPqs50djQ0p%2FTgSnNpbuYyovO4yQctf0JgNw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 66c6aa25bd344e80-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 50A3 113 KB
113 KB 19ms
14ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 287003
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eHGowDBzOxbrKLqsdR2dT5LfgZYH8qPV8rnSQkbmR1f7pQzOcFXfFEZQ7XG7Y3oiaGTaGgeDz0zdjakqmnnO8FtjNYwY6FYtP2D%2FKfApoKLxYEBpSJyZe%2B6OQ6rdzJmNnB6cmpKq9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 66c6aa25bd354e80-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 50A3 43 B
702 B 83ms
30ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:54 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 50A3 38 KB
38 KB 23ms
19ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 294335
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdu0NdDV6uwVZ6V13FVfdyR8XwOYKSgjjNc0acRxVoEA3EnSDftyN5e9NVmePTjPRBpccOWs0YG6A3qSHVVM05SbZtkZjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PTVl3gEnhiB6N%2Fj%2FYjrGUQIwPOMz555X%2FZA%2Bhyf%2FX48GlCfCe8PNP0siZddVo1Dp4bUGZI%2Bal7UGmY9Nc9TVLpGGJTUo4Lg9tgcf%2Bbm4psfztz2ZvEDfKMTifj%2BBJU3NjHJ2m%2Bbsiw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 66c6aa25bd364e80-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 50A3 84 KB
84 KB 22ms
20ms Image
image/jpeg 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1405466
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H44%2BJHeqf%2FscL3mY%2FKDHfRvDwMAyRtCUXqUMFZOIP3MYugn5Sk6OVAjWr1R%2FlnFTCKb6De4P42yPxk7hiiD%2FFrZCUF7imjXSwwmtNm3UrwQTZlW9rnFJFn954gNN0F6Uuqn%2BF61FUg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 66c6aa25bd384e80-FRA
cf-bgj: imgq:85,h2pri

POST
H3-29 200 rs Show response
ad4m.at/ Frame D872 1 KB
2 KB 39ms
36ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86349ac8bdc9fc286891cb136cd4504d1a43aee11d6cab771fef85d65bbff4be

Request headers

Referer: https://ad4m.at/ad/dr?ed=1ksh4e91vg2y7647pp5za351ny33my3yv03gq5yk2232c3hvxj4s0je565bev9he19d34c20f7xxdmsss3gwnx8h4e1g9zv126gv0qmdmyv1smr8zwgb75hnmvcnbj7atzv4tjtfva7k99m0fmm6hbsx04zq25dtvsentrmekvjhj9tzs0fjcc2y05wgj5y0yvtv1fp0947bs5et55mwd3d553g4k8d8fy9xrr9a3ta0t09gsjpp68h8aajh1th86mpds2pwnh59z12cv4pzcyzvwhr7dqxv589n8xfmwhje9zbk2fjbvgmy9nyntp5gjgxam7ftrgbsqxtq7t0x09tcgb8ws1rrwmc2g9hz9pgeqb5c770mqjj6zckwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%26client%3Dca-pub-3064385439319244%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 66c6aa25ab5b2c19-FRA
date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qchYOYLy9tjpxvm2pmzzXJdVP8MjFyjBFXizWcqt%2B%2BhFgZHON96b6QMRf9w71PpQvF%2Fu3Xrvp5Ug%2FcOHBZgk1AgFygxvc2pKyxbodxvBPaeAa9ukvEobsuwKW1024ADY"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2071803087&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&ul=en-us&de=UTF-8&dt=Tudo%20sobre%20o%20munic%C3%ADpio%20de%20Novo%20Horizonte%20-%20Estado%20de%20Santa%20Catarina%20%7C%20Cidades%20do%20Meu%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABAAAAAC~&jid=1740383479&gjid=631156670&cid=1755381569.1625887314&tid=UA-181670863-2&_gid=1253955624.1625887314&_r=1&gtm=2ou770&z=18543734

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cidadesdomeubrasil.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-181670863-2&l=dataLayer&cx=c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6969
date: Sat, 10 Jul 2021 01:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sat, 10 Jul 2021 03:25:45 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 649C 64 KB
7 KB 53ms
50ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1016253
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 66c6aa25eb912c19-FRA
expires: Sat, 10 Jul 2021 04:21:54 GMT

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 649C 18 KB
19 KB 53ms
50ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643840
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwOGp5bgSvwEzU_da1b77w9WducnNtAstYqvxSKIr83PnCr9Z1OUEVynQSlskeHgfZHvWTiqDm_G4ijz27hD2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DD7389e7OmKamQIS3R1951R01kkboTEFyGJFZvxphCoPekuW3%2F2ClmLtMfyfjwqoGASmbpoyjiOMpTd80XiHg6f%2BIJF9s%2FZpwQZrbjL9s5LV4dIywS4zSdGfjBobEIgXQHRhvpCj4w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 66c6aa25eb942c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame 649C 300 KB
301 KB 22ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292515
cf-polished: origFmt=png, origSize=594083
x-guploader-uploadid: ADPycdvWJ381jsUt3c2bnyOhsBN8eT56nGWU8guSKptbqewJ7lWXtv7hCFpR_BhaOadTH3GNJmU2b2YxIsOfzxtQN1GTJaUo4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 307160
last-modified: Tue, 22 Jun 2021 13:51:23 GMT
server: cloudflare
etag: "9a0a002558a36452340ebf683fe225d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CmYjfjaNc0dFfkn30NCZAZOSocPklbHPvkskT4VRV7rXi02LAEOfvnUU69BFd8l6vXVl1JFSSf2nTOlWWmyFlqDaom6d%2BZ8OWK%2BWtXXydr38zp9AWd3ojpB0pR8OfP7rPjgCX8Qzdw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624369883413081
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 594083
accept-ranges: bytes
cf-ray: 66c6aa25eb962c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 649C 43 B
704 B 49ms
22ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__asuidQ0Jz-hY4YyesmKzwlKARAXXLlf6pQjaKasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:54 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 649C 38 KB
39 KB 60ms
57ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 290988
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qDEogTyK9PjjRWtCg%2FSaXY%2BYC1a281LmBdOLjKZFtsArkyOQteyiSmVmc3%2FGChCChRPGrTq4yBDcfWP5LMpZKR5DWexSfBjPBMBfBa60RIIMj4k%2Fu0kZU2BHoJ1Gan7Pa52fwn%2BWDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 66c6aa25eb9b2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 649C 113 KB
114 KB 14ms
12ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 287003
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HCnafoxOHBwgSIKffKaM%2FnogvSwsrUemCgm%2Bi3I5EYrWVNHQs27n0EDHxCllc%2B4viPMQ4S7x%2FixZI8Tl1crdO4iVwSyITPW%2FvDexzoCHtkI4zpVxMxwsy%2BKJaRTMKJTKsy4qQvtaqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 66c6aa25eb982c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 649C 43 B
702 B 59ms
23ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidQ0Jz-hY4YyesmKzwlKARAXXLlf6pQjaKasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:54 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 649C 38 KB
39 KB 52ms
50ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 294335
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdu0NdDV6uwVZ6V13FVfdyR8XwOYKSgjjNc0acRxVoEA3EnSDftyN5e9NVmePTjPRBpccOWs0YG6A3qSHVVM05SbZtkZjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eSxem3V8gUlsPbV4UUr2OBwMLBy2A1iH4yUKjFwPQz06PHfdW2I2O94%2B2CJ5SheXvaKoygYt2x8lJcC979ivvWNG0TWnzyUKz4q%2BkZTjNXn1gBPCCeHVbVTk%2B%2B6ztXYTCLojUSGbmw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 66c6aa25eb992c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 649C 84 KB
85 KB 55ms
53ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1405466
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oCwEIGzx5YXsnZt5pelZEf91AnGz4jrfG9X8hzqTHDapw9MbcPIS4hfdhm9b93TWKs%2FxxfY%2BkWo8YpOaSoApAlNzl%2BUPGxV%2FiTAFzviQf3yOM9N76cc%2FvNCl6YYb55rZfZAITxNApA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 66c6aa25eb972c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame FEC4 64 KB
7 KB 56ms
55ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1016253
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 66c6aa25fba52c19-FRA
expires: Sat, 10 Jul 2021 04:21:54 GMT

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame FEC4 18 KB
19 KB 56ms
56ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643840
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwOGp5bgSvwEzU_da1b77w9WducnNtAstYqvxSKIr83PnCr9Z1OUEVynQSlskeHgfZHvWTiqDm_G4ijz27hD2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=huu7c1XB8KfVXBFeC8PnNjSlBaxto6TQ%2B%2F6MC0UrtBO%2BhyCLGxsTvfx%2FRXKRDMPdyR6SbPp27DuKLr5bwsvo8byyhNLuu3CgpIqvk5gsKcRvPWXksH0oPczkpnDLsKxBebUA%2FeLt1w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 66c6aa25fba62c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame FEC4 300 KB
301 KB 57ms
56ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292515
cf-polished: origFmt=png, origSize=594083
x-guploader-uploadid: ADPycdvWJ381jsUt3c2bnyOhsBN8eT56nGWU8guSKptbqewJ7lWXtv7hCFpR_BhaOadTH3GNJmU2b2YxIsOfzxtQN1GTJaUo4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 307160
last-modified: Tue, 22 Jun 2021 13:51:23 GMT
server: cloudflare
etag: "9a0a002558a36452340ebf683fe225d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r59XbFqIcliy56OJKJMHwyVBKKUBNB%2Fc5PpAifquWNZ5gKehW0QWgeAX0M89rGndUax3Bl1hRkWJs75zOQaVVB08%2FEmMAOA%2FVnlDtQ4Qex3ANlh9A1fGe%2Ft5oEdY4QQXDWvktx8OPA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624369883413081
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 594083
accept-ranges: bytes
cf-ray: 66c6aa25fba72c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame FEC4 43 B
704 B 53ms
22ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__asuidfD1LUUfwi9DMyGZ7b1VBaXM3g7onWLawasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:54 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame FEC4 38 KB
39 KB 68ms
67ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 290988
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JNLoqmsartgfhPMVejoffm5%2FAjVtj8urMhoaYI%2F%2BVHc0X0ttu0JH6vphfY0%2Bd1dBN9Ok1tRw8l5GIry4mVMJ0to7v7KgSrqQOcSdItUDuXLkegeXzT7Zjklp4JsRhN8cJ5Ve5SmtRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 66c6aa25fba82c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame FEC4 113 KB
114 KB 69ms
68ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 287003
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yzhcCtPcJJWuAXzgpzyBvz%2BBxKlDvRMKMy%2BIs9KVV3FmWeBwx8AQ8RgK8OkU0WushzOanowBtWULe5Bmp2LzhbZ2uPTDAy141n3uJDnZJcQGBGp2eEIHXpC%2BUwAlk0p%2FQipo1S6wKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 66c6aa25fbab2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame FEC4 43 B
702 B 61ms
23ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidfD1LUUfwi9DMyGZ7b1VBaXM3g7onWLawasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:54 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame FEC4 38 KB
39 KB 72ms
71ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 294335
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdu0NdDV6uwVZ6V13FVfdyR8XwOYKSgjjNc0acRxVoEA3EnSDftyN5e9NVmePTjPRBpccOWs0YG6A3qSHVVM05SbZtkZjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cPpnwaiht3SazRDQCuh2XEiHoB10gFcqAgzHx2BNroZ62k%2FB1ZzN5Xq%2BT2HJEpEN6KxHrnPqyJvFKEj5iIl%2BlOJ0kw0kqR9dAtNXAEVoxifl4w%2BLxmrUDDMH0KTveFnDSTqaxm2Qhg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 66c6aa25fbac2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame FEC4 84 KB
85 KB 73ms
73ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1405466
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R4tssFDICJgDl5EmqGmGkoqCuCiLg9U%2BUdmrAYcSLn2c62h9evPM4tZg%2FDXGm2cWAG%2FoFW2ttKLjd93eQpx0Z1g4v8eAh3N4piZ2CZV4whAp%2FP3JUQHm0QJxNSCzmL%2BPqqS9O%2BzLhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 66c6aa25fbae2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame 0861 11 KB
4 KB 64ms
64ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff8ddb9ac6f4cdf5652092d06ed3bef42c1b6577750ca0450d63202038a9ed26

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa260bbe2c19-FRA
content-encoding: br

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7K1FEGD034&gtm=2oe770&_p=2071803087&sr=1600x1200&ul=en-us&cid=1755381569.1625887314&_s=1&dl=https%3A%2F%2Fwww.cidadesdomeubrasil.com.br%2Fsc%2Fnovo_horizonte&dt=Tudo%20sobre%20o%20munic%C3%ADpio%20de%20Novo%20Horizonte%20-%20Estado%20de%20Santa%20Catarina%20%7C%20Cidades%20do%20Meu%20Brasil&sid=1625887314&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7K1FEGD034
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 03:21:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cidadesdomeubrasil.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame 7AAD 11 KB
4 KB 56ms
56ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0b95bd7638811cda57f29081e92f7ee23c9becc762cf53b224f6e9c292bf2d4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c6aa261bce2c19-FRA
content-encoding: br

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 50A3 12 KB
12 KB 142ms
103ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: de2ea29625b3303dea1640cb771993d90d09b484c9857a4dc83e98af123fba8c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:54 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:54 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame D983 64 KB
7 KB 14ms
14ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:54 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1016253
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 66c6aa265c0e2c19-FRA
expires: Sat, 10 Jul 2021 04:21:54 GMT

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame D983 18 KB
19 KB 17ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643840
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwOGp5bgSvwEzU_da1b77w9WducnNtAstYqvxSKIr83PnCr9Z1OUEVynQSlskeHgfZHvWTiqDm_G4ijz27hD2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UkWeA9wSP%2FIqAZiHuEhVJHww5TW3azt%2F3FJAdGAy0uSm8TElIDi7imDu0Qzi%2BAxsPZeGxCnk%2BaS%2BaUe876e166cUt34JolnLSC3mK7sc%2FJB1bjcxE68U3HYfRiqnOX7nYShSztUQRg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 66c6aa265c0f2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame D983 300 KB
301 KB 15ms
13ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292515
cf-polished: origFmt=png, origSize=594083
x-guploader-uploadid: ADPycdvWJ381jsUt3c2bnyOhsBN8eT56nGWU8guSKptbqewJ7lWXtv7hCFpR_BhaOadTH3GNJmU2b2YxIsOfzxtQN1GTJaUo4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 307160
last-modified: Tue, 22 Jun 2021 13:51:23 GMT
server: cloudflare
etag: "9a0a002558a36452340ebf683fe225d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w8fv4AoRYKFI9wMC3FukoWWsRja5h2czsqyOMZo0uWonrujLq1yU%2F32BD5YNtU%2BNVNHDY27JQP%2BAg147Oy8hxdt9tvyC9U5zWw%2F70gFdsWR8dyftEilIGufZEkQgbnJP9wnM01HKQA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624369883413081
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 594083
accept-ranges: bytes
cf-ray: 66c6aa265c112c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D983 43 B
704 B 26ms
23ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:54 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame D983 38 KB
39 KB 22ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 290988
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fefRQ0qUmSi97HYpUEJjVpXw0gssMYa6Ow68nB%2BHVXE5z%2B9I4T8b3JnOwtCIdXCnRQRtIpIQgPuhkm62Y8JsqtWLpgMdIunUT6iBGk0bbhIkBeW25a4N2WwG2YKrj65PHz3hNa39Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 66c6aa266c122c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame D983 113 KB
114 KB 23ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 287003
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FH3u25zXqlxFvB9n7i%2B54YxjwW5cbfDnSoWSpIqYu5hbeP9xCZZWEPXfTMBUfOpvTt9H%2Bfm1AKWT9rcO7JqN4tdxVmAhGF6lR8xU9ggrHLOhIHAINCKvbGLyvEixe8Ls4vUXSP0IjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 66c6aa266c132c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D983 43 B
702 B 26ms
23ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:54 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame D983 38 KB
39 KB 25ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 294335
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdu0NdDV6uwVZ6V13FVfdyR8XwOYKSgjjNc0acRxVoEA3EnSDftyN5e9NVmePTjPRBpccOWs0YG6A3qSHVVM05SbZtkZjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r5Q0sTxyhqqw5l3zEqddNqY2Ovjri1mxVP4xWf7fYP6InjqMQ5wnqAIWa0wj%2B8VY0igCoXlBU5C%2BQQydUmeIYLgqDOgzQ%2F1ETnI0YROeOZ0M3oQHSvFnydEo3RrFSEP2ybGgIaY7PA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 66c6aa266c152c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame D983 84 KB
85 KB 25ms
24ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 10 Jul 2021 03:21:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1405466
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qlOiSEAO6LtCqnnR33TCXvIHIVZKRjK0arHzyo73R%2BfWQkE113ZBl3rVC%2F9LGofIyL7UA0xV1ZOy1LfIavspCQUxTeTLuoKYubWU7xBQxzA%2FoKE02Jq6awqNoGxMsy2zJrOgBDLr%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 11 Jul 2021 03:21:54 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 66c6aa266c162c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 649C 12 KB
13 KB 142ms
102ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidQ0Jz-hY4YyesmKzwlKARAXXLlf6pQjaKasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidQ0Jz-hY4YyesmKzwlKARAXXLlf6pQjaKasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: abcab953b71c7c1b5dad1b94c08f7a638f23a36ddfe6c820ae6b0a6bfe0bf77c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame FEC4 12 KB
12 KB 146ms
106ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidfD1LUUfwi9DMyGZ7b1VBaXM3g7onWLawasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidfD1LUUfwi9DMyGZ7b1VBaXM3g7onWLawasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: bac7fdfa05f066e43d812aa72dee270c6292c5c36a1b379f6952a18905e07aea

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame D983 12 KB
13 KB 138ms
96ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=wrV5NNJq6us7SuWFOJG4OAxm5emNCbQX&g=982fee5cae82c18b1fdc88eafd18a57b%2F3725761441630267741&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23p9tm4vnmfaq6x6j3tbqdh39z5z631gy6vz6sgygzyye0pt5ayj6mx15azfqmswzk4gy0zzhegjajc1k9389mhbsnyjk712yw930zz75fbjqrvgfrfhrkgaw11bcnzfbh7gcfarqyz2hgdzgqrn368c561tkz3mh1b8exdpnbpx157wcrtgy72jtfh19rywp4b6qh04j93htvtc7g4xwxazcfee9gty2b00d7gkneh0m6mh6rs1xge0bkv1m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPu-eURLpYOLPOorH7gOh8q-YDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QHxfOfgql-hTT7CzmIt1sHT5Fn5Y1UuG5JG2WrzJsBm5BX6IEj4gwefnuVx6Xz61GTO_3cO574KPrp_r1NjghvPkdbD0sXOfZl065WobMwyOfmvJUVtQNJUubFV1dJhmhi3LGuuyidyWbRbWbekWz3qVE2gbnE1ESr0nfBZ4bGbPMDfFhWnC5NnwwF4WSToxhMdjYCvmRqO637gQZNGSvr652gGW-Hx9bXwa2Df98-V8XrXDUZhNuliFv0lI9XZK-KXPvStvO11gqrb6WYZEj2pkyHurPIs8ONIwxBX330WlwA_KFnCmc2Q6iVSt-gH-TZYOABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3dS7Hq2hZO10nL-afwEO8QZ-H8tw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: ac3eeca60942d529397f7ff150518325e4557841bdb18c005e06014414049cd5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 6162
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.cidadesdomeubrasil.com.br
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 712420
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 10 Jul 2021 03:21:55 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Sat, 10 Jul 2021 03:21:55 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sat, 10 Jul 2021 03:21:55 GMT
x-transaction: f42e94c4a9243749
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: 5296ee152c8add37286c20cba27ed37aaa87ba3e81d5fc9991c0319848082a6e

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 0861 64 KB
7 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1016254
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 66c6aa26bc6d2c19-FRA
expires: Sat, 10 Jul 2021 04:21:55 GMT

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 0861 18 KB
19 KB 15ms
14ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643841
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwOGp5bgSvwEzU_da1b77w9WducnNtAstYqvxSKIr83PnCr9Z1OUEVynQSlskeHgfZHvWTiqDm_G4ijz27hD2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YLBvf1mBfFVHZcOopS2rnPAiYonmw2pacWmuyrQbhGZSbHKDfdAfbSqmNOxdJQZ1E0Gjam%2Fm4hETfBYIcvgg8HdrxgrpuyYjbTHOSX8kEABiSTy7dsBOdu4CGu9hwTJbvxhlH8QSrw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 66c6aa26bc6f2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame 0861 300 KB
301 KB 20ms
18ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292516
cf-polished: origFmt=png, origSize=594083
x-guploader-uploadid: ADPycdvWJ381jsUt3c2bnyOhsBN8eT56nGWU8guSKptbqewJ7lWXtv7hCFpR_BhaOadTH3GNJmU2b2YxIsOfzxtQN1GTJaUo4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 307160
last-modified: Tue, 22 Jun 2021 13:51:23 GMT
server: cloudflare
etag: "9a0a002558a36452340ebf683fe225d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UiTe5JF3DBk1j%2FOMrdxfxlqgULnrakMB%2BEhN%2BJfsoH4DvgAEdc2GvpDUkSarJrjRGVDN5Ja9D4E75sWS4wXjSt6ug5p7AONVK9J5GE%2BoafVSabFkAdTeyRbO5HlOwlBnGK4rmunKLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624369883413081
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 594083
accept-ranges: bytes
cf-ray: 66c6aa26cc722c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0861 43 B
704 B 24ms
22ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 0861 38 KB
39 KB 30ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 290989
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vwPAgnz1gRPmu6KbsBi60vcUf46kdKZIO6Wl6Bb1mBXu7BOskuWqaAcX4lQ5SqoIFhIpAAtN0%2FhbXz6obdIhq%2FysrG0Z82ozKlCO6zpBEFMj8RaDfAyofd8dDQ1iA7OCpVTgT%2FYppw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 66c6aa26cc762c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 0861 113 KB
114 KB 21ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 287004
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fsI%2FiI888%2BQCwVLCIZBR%2FqxKaj%2By8F%2FqPQeAnXDQgrP8mo%2B7sgJNSQXsAsm83icoQ%2FVGSvXNxezDU6F2esvHYTF%2B3or0uI3xy7io7ly9S8eLQPtqyWl4WRdZ5Y7qLT4oeYx7jqpADA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 66c6aa26cc772c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0861 43 B
702 B 25ms
23ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 0861 38 KB
39 KB 16ms
15ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 294336
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdu0NdDV6uwVZ6V13FVfdyR8XwOYKSgjjNc0acRxVoEA3EnSDftyN5e9NVmePTjPRBpccOWs0YG6A3qSHVVM05SbZtkZjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2c%2F08Www4aAYNS6e6GNWAuDtFoAES%2BbK4zH6RkgvNkkvJMKQfZfipm%2FrWoKNvYAWk%2FpGODmBACfz%2BPKIdF6tIsRWglkqucgZXOW2GaFzxNE%2BEClQTExJgRte5zfc6YvzpfaanPnd3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 66c6aa26cc782c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 0861 84 KB
85 KB 15ms
13ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1405467
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mT2GiM1yQ%2BQ%2BhEGY3vWS6hPkzIdj0%2B8Sgiv2nW9HB94w1AH6vEX%2F53meBiCMYIn9CfOEVz3KqDHRy43cxenNOkK3jjeCngHBg3n%2Ba1oyw%2FpDCfomkA50YCp8l17xo2%2FL0LDI1OrEVg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 66c6aa26cc792c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 7AAD 64 KB
7 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1016254
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 66c6aa26cc7b2c19-FRA
expires: Sat, 10 Jul 2021 04:21:55 GMT

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 7AAD 18 KB
19 KB 22ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643841
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwOGp5bgSvwEzU_da1b77w9WducnNtAstYqvxSKIr83PnCr9Z1OUEVynQSlskeHgfZHvWTiqDm_G4ijz27hD2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LAZO1MbpIJanav5yYwgwgDAdXtmYF7KDmMUmUpkFIvNuQnqlPfrKoHFMzoesD08lptg1trnBkJM4JWUYv9%2FjnFW2LBXWmhaJuUnRAk7QPxylgKHaZxEu1RNWYWf0ux%2Bl8db57XAsGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 66c6aa26cc7d2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame 7AAD 300 KB
301 KB 23ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292516
cf-polished: origFmt=png, origSize=594083
x-guploader-uploadid: ADPycdvWJ381jsUt3c2bnyOhsBN8eT56nGWU8guSKptbqewJ7lWXtv7hCFpR_BhaOadTH3GNJmU2b2YxIsOfzxtQN1GTJaUo4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 307160
last-modified: Tue, 22 Jun 2021 13:51:23 GMT
server: cloudflare
etag: "9a0a002558a36452340ebf683fe225d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FuiF3E%2FGcTWmjpBGGNWH46O8wTOzyjD8vbDmtHeE5VdYUWenaAiwIztFDCZgk8e4xG02FR374rW10YobSKtQKg5pB7W2IvIC%2BBxqKg8WSnIpw%2F3v3x9KrLs0ur9tSHDBwteNjElMOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624369883413081
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 594083
accept-ranges: bytes
cf-ray: 66c6aa26cc802c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7AAD 43 B
704 B 28ms
25ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 7AAD 38 KB
39 KB 17ms
14ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 290989
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tIykpee7pU0tLWEfmH1nWRNJe2H9qYc3cVZt%2BcAge2gjYZpjSeW2Zns9HCyp6UntD5eDyv3WeeWfDEPGgmIYqEdg2Ea1%2B3iru%2FFv%2FR85VGoPld0ESsBDdvpczMhqdMv4nwUZVur6Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 66c6aa26cc812c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 7AAD 113 KB
114 KB 37ms
34ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 287004
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vywKb2rKIePS%2FGVnAk6cA6bcBG4QXBQedbtu8ubYvo1I2aB%2BW%2BKAY84tPDjzDUKOD5FGBwFt1ZR3CEJbNgmUcwj84kHUx13%2BvFkSTKFh%2FqnqkWvzSoplDPTtyZKveqdcsUUsqTuCbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 66c6aa26cc822c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7AAD 43 B
702 B 27ms
24ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 7AAD 38 KB
39 KB 39ms
37ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 294336
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdu0NdDV6uwVZ6V13FVfdyR8XwOYKSgjjNc0acRxVoEA3EnSDftyN5e9NVmePTjPRBpccOWs0YG6A3qSHVVM05SbZtkZjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Nim113dGUNpKrmNDxUsiApzZ2lGp0mkg6%2BjdYy9A8UW1jxGBRT14w2%2FJPfWFaRw0nqADdAc4df3YDv%2BaNHqKCPS0G3nk95YJJFLHWdr8Q4bUf9aiZGoBE%2FCAhORxeWGewoBNMx4T1w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 66c6aa26cc832c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 7AAD 84 KB
85 KB 40ms
38ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 10 Jul 2021 03:21:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1405467
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=F1fgnidoePR%2FM3EaBkh9Mn8WPdRDHxQvtwimQ5PWOlgyd9Aje50jDH7RId62LpjCdQoF%2FeMTpN38iq%2F9j5DC2RldIdV9ndZPtWGQHuPub0CGUovMKp5PWA0XMki8cLrXsnwMG02WDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 11 Jul 2021 03:21:55 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 66c6aa26cc852c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 0861 12 KB
13 KB 145ms
99ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=W951J5At_Eg7btWS4MgbhTfhgLlkNgfZ&g=8f815e4cd9498c5e9c8cbe9dada72dc1%2F12181154043482187601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214c4mt590cgrs7hq4m2b08yxcytz2b5n8f33646c557c4xr08651t8drepvt85s4qg6ekg4dkebys6ezjrhndkyz36xts27g68xvzm07c9pm9gkgt56d349raetdjmyhfxbat4sfg41yan21j3k0f9jvnevgeb5csay9vfymbz020d9yr9zf0a9bhafmx0jhbekr2ad6xzpmsx5evddw3akctfgp752nvwvj4cdb2y7bjxx9yjt6bnzzpnap%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuvh-UhLpYOSDA5r2gAfbnYTwC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QcsMA37oki6mQqGLbhJqO_tDJxh5E9K-TdXlrEnOMUurcP5McZ1LfNwTqOAw-8jfCyIOlH5zsoCuIHGp_y0Gj35jTQ1_FbLQsJD-AtJ4GAHhuMHn0WkeTlp8LfyKHWpaVVAoWpBO6_jtCSe-T-wmFgKXJ06aSXkpP9qanZp8gCOP7xQc9Gf4ni9QgdK2z4Rie4SrHUZbQlZ6Pg3xcVjvlJb8adXkvUvYdnVqKiLQWO4TfWmKJ0ybxiQsujC6rpMslWuut7SWRedbcjcjR5O7CCpeqBVMwKwbfJQyysCCB0NaPLr88vwx-X3toMmqLH-Zx1kKABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1nfsgh-wlCbgZHvVXB1EcY6mse_w%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 21618d033d8a8668aa26b6caf5b7f88aa450fe55893393afd7f01fbeb5ec6b2b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 7AAD 12 KB
13 KB 143ms
95ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sq&g=61e3849b553c7e432bd94e4731ded848%2F1191156029440384999&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23x5bpzgdg9765h2hm14f90gexwtv7wsk63g8n1wep0pg31qsvktmqajjgp2qqrkp4e8ev0exw0m9rs37jhnaf7q6cgmwy5fqnaraz0b4y1e3d0nqafy2czh2s1011kwtch70a7c12d5ve41wk65dp060e9b0c34zgy535fqm0g099cqwxgwf9jr41c2gt42fj2fyg6xjj9c3w72x1bv17fkbs0xhnqamw8ef3d0cdt6wr69wn251n4d4eyya%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE6dTUhLpYLb0BdGB7gPJ6qnICJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QM-hH2Z2Nkh2GLVDIIuVg34AYq58Ol4JLV4jwbk_yuWGgxiGqurrBUkLJW2jxNmphfFYws1QNx56m7yvIjkc1zY9C3p9V2B6wMdJHu8hZ68-KLQKCNr_fb-Y6AHBKsGxJnjynqYYfHfzFdCj32rRtsHJMlgJJnLmPTBsGfr5W-gNof6RD4G2vnWUzpE4MJEiA_RLywA5HjTLGziAc5PMglJJp5FsliQe-QyOKnlj24b6N0no2mKtuz9P-n4WE2TB-otVAYiCQFria1hO8WKPFAoVxyBG2pa_8aICtb42kLt-Ev41n2q9xCuEUWW3nSVvFskOABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z-_tjawMIEqZ0dY4eu39We2WAlA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 70c3ba784acca2ff0dd2c904ec4141f7d047134c221c10fe67ee89af3124f686

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 50A3 59 KB
60 KB 46ms
15ms Script
application/javascript 13.225.74.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 16:00:47 GMT
server: AmazonS3
age: 77644
etag: "edfa65aada7c65cbe3a78f39f8444ab3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 09 Jul 2021 05:47:52 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 60765
x-amz-cf-id: FHvR6tMuVTitaL6f4AxrxpLGw2Ph8T4YyvBpPizJDGyRCydvujAqSw==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 50A3 79 B
374 B 71ms
32ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHaW.etQVD_DJhCizgzH_y3EjNpmVWN9dPBSmrk.Nk4Jl9RL3tJ9XvjBzJKyNrl7pp0iJ3A0KFgBFY5BNlr91xU...Gk&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221625887314%22%2C%22%22%2C%22%22%2C%22%22%2C%221781407314%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=ebfe16182fe67ff2c3466e0a5a4c5638&userIP=89.249.64.171&doAffectv=1&wgtime=1625887314
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 50A3 85 KB
85 KB 61ms
23ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__asuidALTlCmo0bq92_RZycqXsbSZMr3IN14uZasuid__suite_Netmix_Reach43_Monat&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=0585ca1ee606fff172b4c61f528099a3%2F6902830275735349052&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23tzc7w5kzvejabac6dbz400zxh8d1m37m1byhk90tvq8v82r7yvxd42yakhhqc7aeq5hqpf6z0kh9c0vyf9s5kffmmg1nmw9q9zwkkce3xv55z27mj9jrssgv3j50mb2sfvyd591tqb535qp8jx82m2kv6drnhe2bde56z9mdep4qjxfx7v2nwc6b5761qb1khaqj99g86gmgmj2c9bkvcc3s5vffcdmjabek24nb1tz1cryp3qd2814fdty%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmJYcURLpYI6FONbH7gP0pbWYB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QsJPZ9e3IjIdTFnT7aTYaPmjLnHTG5woLjj6vMo0l8Jw8maYV-21N80bsw-kCp-DxxzIRrGUQCudcRdj0Gav1xE5Z_bJ62CUF6X4Mtlr9atyhmzwyLD1zu7XBWb95qZluKy9OswMvKqBipYy0XzZ_ZOG7S8i2lL-WL5rb6D1C1SFrlZazl8MTWi2cG9IoG_a7rlJcuoKcfd2Jrm9znYv_ULaloCNGRDKkaevRlw2HP695pIv2w1oOfeyPeibWhOpnbybq5bqDzos0FXLsJysSEvIIF3H9wMC1SemxDbdIlq0RDx288WGZniuJQMd6t3Srj4eABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0yF3P4d5grNQdTrZ-fc-e1WNWNgA%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 649C 59 KB
60 KB 15ms
14ms Script
application/javascript 13.225.74.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidQ0Jz-hY4YyesmKzwlKARAXXLlf6pQjaKasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidQ0Jz-hY4YyesmKzwlKARAXXLlf6pQjaKasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 16:00:47 GMT
server: AmazonS3
age: 77644
etag: "edfa65aada7c65cbe3a78f39f8444ab3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 09 Jul 2021 05:47:52 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 60765
x-amz-cf-id: iSyzGr-JR_V22B1tgNWi4cz-2Eyqk-2sG-kKybJae3iPYRv1c9DHtQ==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 649C 79 B
374 B 72ms
34ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHa9KCmr.S9RdPQSzOy_Aw7UTlf_01kKHoNvdjV.lV9dXJsg8mcK4rTOycfwljXGfe2Rc7L1eWNNW5BNlYiJ4uy.8tQ&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221625887315%22%2C%22%22%2C%22%22%2C%22%22%2C%221781407315%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidQ0Jz-hY4YyesmKzwlKARAXXLlf6pQjaKasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=c4311ce89824d388c22759d5ca3f2e35&userIP=89.249.64.171&doAffectv=1&wgtime=1625887315
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidQ0Jz-hY4YyesmKzwlKARAXXLlf6pQjaKasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidQ0Jz-hY4YyesmKzwlKARAXXLlf6pQjaKasuid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 649C 85 KB
85 KB 61ms
24ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidbWPSQfZfp5QFYHbHztKtwr5uet3t5Ajoneid__asuidkv37per4zMBDmADzADRAyZpvJmu7Uu9nasuid__webplexmedia_advancedad_728x90&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=Q0Jz-hY4YyesmKzwlKARAXXLlf6pQjaK&g=9397da151d6141378995a7b2950205de%2F4897924286434785131&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20vyvvwhk0s0rgcwyd3s907dm6k2hs7r3tehh1qd3n1znb4wpb5v301vq45rawb640sh0hw1fccjbdtfeb1g6pwhj3p1k7mp1s9w9x1wfz899bhcx8dzcbpqhxt1zdr60cmgwdd1dbyyr5sev2jgbch7jdrkar4107n1cnf0ftd3zb73xeh1hjckgygqsfjpmqexvgnarmc7dw8g2n7jqsj3vfrc4q8e3fmyxa5ecexx0v34bnc5hjyrwrybg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBuRQURLpYJmfOcyK7gPhlqzoCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT0AU_QX5batu6HcD5QnD5rUWkJljORW-2EDe8heZAd-XzRR6gqn5SwIshx23aySaqfl5JP3XZMwZGLoqAhJ2D3qkRpIhoB2kXarMNP7KPbPyM9Gy0t_XGlX8_pq9cxzCJEaOfkrBYQOx0CRas2HI5HKLbtB_eo2tNlsiLUwkkipA-HxipsBKUS0aIMU4ZoIdPGdWb8540Exrh5moH8iA5BJv1u96ha6jJobte5n2UbyTliKa83TFBV45XI7QB5fkZOqTjNjcdedA99EfDBOcCbMPK1R8Zujx1LimODO0pD2Xp2rF9UoqfcIG1NMd_qkY5Rd-QG-pCABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pb0xhniJ_ITAFkggyE9gVVPIUJg%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame FEC4 59 KB
60 KB 14ms
14ms Script
application/javascript 13.225.74.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidfD1LUUfwi9DMyGZ7b1VBaXM3g7onWLawasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidfD1LUUfwi9DMyGZ7b1VBaXM3g7onWLawasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 16:00:47 GMT
server: AmazonS3
age: 77644
etag: "edfa65aada7c65cbe3a78f39f8444ab3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 09 Jul 2021 05:47:52 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 60765
x-amz-cf-id: jYsQeqLrrnCYXp0e1-Q0pGyF2ACth33jou0NLLkmJ92biN3gaONaaA==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame FEC4 79 B
374 B 71ms
33ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHa9chmr.S9RdPQSzOy_Aw7UTlf_01kKHoNvejV.lV9dXJsg8mcK4rTOycfwljXGfe2Rc7L1eWNNW5BNlYiJ4uy.3hd&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221625887315%22%2C%22%22%2C%22%22%2C%22%22%2C%221781407315%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidfD1LUUfwi9DMyGZ7b1VBaXM3g7onWLawasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=fce3ab6ade9be5c9ce001439b32ec5be&userIP=89.249.64.171&doAffectv=1&wgtime=1625887315
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidfD1LUUfwi9DMyGZ7b1VBaXM3g7onWLawasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidfD1LUUfwi9DMyGZ7b1VBaXM3g7onWLawasuid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame FEC4 85 KB
85 KB 61ms
23ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidt1Al-JoyRVKa0FD_L5DWa4gYq4oc7DNXasuid__dc_reach_suite02wkz&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=fD1LUUfwi9DMyGZ7b1VBaXM3g7onWLaw&g=79f69d84323907512ab88a8af37a1340%2F11756666793483532328&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21wx22nz4mzgs9n5j0bc5ymnz14xw3mvvswc3d02nws2vdhkznahc34j6sd3ssnj00jszhjdgbpeayegejwwmb1xqbzja0dj1zk4k3d7fy87xkrpes8maa5zv0ce5e67gt3nk6hepznhns17y9zfwmjbdwfh2a0vzmbw97316jrbq5e43b480h6v892mcqmgxb1j2exhp5mq6ss08qw32zj0egew28kkck0tpjz0r7xq1f2nkcz1kv6z72a10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCGJvURLpYJ2zOMaWgQfw3qi4B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDM4NTQzOTMxOTI0NKABwq7o3QPIAQmpAm_Y1dU27bM-qAMBqgT6AU_QfmL81vUSRylBRhhAQO8Qhpd3uVwdFUSS6a1SbAiBzYIvNzd9zqsOEnajY3f1CZEtwbtsiGIH9kYmmlvVbuJod7fj7Y9eTrtx4Xj4N1jD1KfVlzddD45w5eGzQ5qIeSpFREpJ9MdT4FB8gIt_1b8xYh4Dr3BpWg2nu6k3v9su8VBvlEId6Kr-2BiVmSsIRH1DL5UUwIJ5cnctwz4JaelKIbI6cL6AZDjFP8FhndPfoIuE4Uwu255SD5FMyi4wAJxhoGSti1gCdrvhjxjT8u7q_5Zs4S5I6O2PzQWZsiBvg3m8j-TF2orJ1fNYGg0XLj7so3bn0GM1LWyABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y8MIFjZord0dfHsTWVQG5J8t0dw%2526client%253Dca-pub-3064385439319244%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 50A3 63 B
270 B 73ms
35ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHa9eLtQVD_DJhCizgzH_y3EjNpmVWN9dPBSmrk.Nk4Jl9RL3tJ9XvjBzJKyNrl7pp0iJ3A0KFgBFY5BNlr91xU..4y0
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D983 59 KB
60 KB 15ms
15ms Script
application/javascript 13.225.74.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 16:00:47 GMT
server: AmazonS3
age: 77644
etag: "edfa65aada7c65cbe3a78f39f8444ab3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 09 Jul 2021 05:47:52 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 60765
x-amz-cf-id: TAVQyk8K4iKQNYQohYuPTb4ZGBWIqc_HW6yhdB6aMwicjFes5RCIKg==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame D983 79 B
374 B 72ms
33ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHaAoMAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.ea8IXkb9WJMStbuXjn5y85icCmVWN9e4WX3NlY5DtFMfs.2zL&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221625887315%22%2C%22%22%2C%22%22%2C%22%22%2C%221781407315%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=06242af2e09af26b9f0fd73000107108&userIP=89.249.64.171&doAffectv=1&wgtime=1625887315
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame D983 85 KB
85 KB 63ms
24ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidbWPSQfZfp5QFYHbHztKtwr5uet3t5Ajoneid__asuidkv37per4zMBDmADzADRAyZpvJmu7Uu9nasuid__webplexmedia_advancedad_728x90&wglinkid=713569
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidwrV5NNJq6us7SuWFOJG4OAxm5emNCbQXasuid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 649C 63 B
270 B 74ms
37ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHa9aLtQVD_DJhCizgzH_y3EjNpmVWN9dPBSmrk.Nk4Jl9RL3tJ9XvjBzJKyNrl7pp0iJ3A0KFgBFY5BNlr91xU..3SH
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame FEC4 63 B
270 B 76ms
38ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHa9.pmr.S9RdPQSzOy_Aw7UTlf_01kKHoNvgN.BN1eN_DA1Re4GSraUe9zBQsZPuVr914VecL57GY5BNv_0TjV.B19
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame D983 63 B
270 B 72ms
33ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHa92fRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtQs.BN1eN_DA1Re4GSraUe9zBQsZPuVr914VecL57GY5BNv_0TjV.AK0
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 0861 59 KB
60 KB 14ms
14ms Script
application/javascript 13.225.74.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 16:00:47 GMT
server: AmazonS3
age: 77644
etag: "edfa65aada7c65cbe3a78f39f8444ab3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 09 Jul 2021 05:47:52 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 60765
x-amz-cf-id: WA4ClUfuGp3s8kyvp0W7G_dySWhhV21jPkT6gwQCYgxg-KoWgiCGKQ==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 0861 79 B
374 B 70ms
32ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHaA9PtQVD_DJhCizgzH_y3EjNpmVWN9dPBSmrk.Nk4Jl9RL3tJ9XvjBzJKyNrl7pp0iJ3A0KFgBFY5BNlr95xU..17W&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221625887315%22%2C%22%22%2C%22%22%2C%22%22%2C%221781407315%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=45f3a529ea30b736974d1d6c82d762c7&userIP=89.249.64.171&doAffectv=1&wgtime=1625887315
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 0861 85 KB
85 KB 61ms
23ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidbWPSQfZfp5QFYHbHztKtwr5uet3t5Ajoneid__asuidkv37per4zMBDmADzADRAyZpvJmu7Uu9nasuid__webplexmedia_advancedad_728x90&wglinkid=713569
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidW951J5At_Eg7btWS4MgbhTfhgLlkNgfZasuid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:55 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7AAD 59 KB
60 KB 15ms
14ms Script
application/javascript 13.225.74.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 16:00:47 GMT
server: AmazonS3
age: 77644
etag: "edfa65aada7c65cbe3a78f39f8444ab3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 09 Jul 2021 05:47:52 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 60765
x-amz-cf-id: _qjU5u34RVLrrJfpMIIN18iYYfFFZY0WFZSOvf2M_jaAOWD-y4VJsw==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 7AAD 79 B
374 B 1085ms
34ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHaAqCRhk6Hb9LarUqUdHz16rgPtFFg4Jh5Dufs.BN1eN_DA1Re4GSraUe9zBQsZPuVr914VecL57GY5BNv_2TjV..8R&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221625887315%22%2C%22%22%2C%22%22%2C%22%22%2C%221781407315%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=92f00dbd4675b5c95955a7933f0a3b56&userIP=89.249.64.171&doAffectv=1&wgtime=1625887315
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:56 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 7AAD 85 KB
85 KB 1073ms
23ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidbWPSQfZfp5QFYHbHztKtwr5uet3t5Ajoneid__asuidkv37per4zMBDmADzADRAyZpvJmu7Uu9nasuid__webplexmedia_advancedad_728x90&wglinkid=713569
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid9tAoE8X_05Vrcgg-EyFYcp0HKkzKF6Sqasuid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 03:21:56 GMT
Last-Modified: Sat, 10 Jul 2021 03:21:56 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 0861 63 B
270 B 254ms
36ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHaAqurAR0odm_dhrxbuJjkWxv5iJ3A0KAGYilV.lV9dXJsg8mcK4rTOycfwljXGfe2Rc7L1eWNNW5BNlYiJCuy.BDN
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:55 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 7AAD 63 B
270 B 1066ms
36ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSTgeHaJJpmr.S9RdPQSzOy_Aw7UTlf_01kKHoNvgN.BN1eN_DA1Re4GSraUe9zBQsZPuVr914VecL57GY5BNv_2TjV.1mP
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 8fc9caebdbd3c806b3b9e5dacf22f17beb9ff689d9fa39c813187c9551aef4e9

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 03:21:56 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H2 200 57 Show response
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/ Frame 9AB6 179 B
797 B 270ms
270ms XHR
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/57

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/2.519f1a0a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-233-92-4.sa-east-1.compute.amazonaws.com

Software

Resource Hash

0e64f2be0f62635b421f326b91988ae61f0835523591ffa04bddc6b24c5035a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.confidencecambio.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
auth: $2y$12$M4fgZx/W7r9yRWtkqZ7yx.cBlfZjRgvGzVmwOXrUEBiA8BMCn88Bq

Response headers

date: Sat, 10 Jul 2021 03:21:55 GMT
x-content-type-options: nosniff
x-amzn-remapped-content-length: 179
x-amzn-remapped-date: Sat, 10 Jul 2021 03:21:55 GMT
x-amzn-requestid: 415787d8-e33d-4958-b116-65cbc65a6899
x-amz-apigw-id: CO_NFG7ZGjQFtRg=
content-length: 179
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
access-control-max-age: 3600
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: *
x-amzn-remapped-server
x-amzn-remapped-connection: close
expires: 0

OPTIONS
H2 200 57
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/ Frame 0
0 206ms
206ms Preflight
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v1/moedas-operacionais/57
Protocol: H2
Server: 54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-233-92-4.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth
Origin: https://www.confidencecambio.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:55 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: be67578b-e3f7-4f32-86ec-3c0597a163ae
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,auth,agent-id
x-amz-apigw-id: CO_NDHycmjQFlGg=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-expose-headers: agent-id

GET
H2 200 cotacao Show response
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/29/ Frame 9AB6 198 B
816 B 292ms
292ms XHR
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/29/cotacao?cidade-id=4854

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/2.519f1a0a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-233-92-4.sa-east-1.compute.amazonaws.com

Software

Resource Hash

3a060fa10e3a561546de2f2893019c312e559e4dd5d918e5d3cfe85488a0c1a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.confidencecambio.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
auth: $2y$12$M4fgZx/W7r9yRWtkqZ7yx.cBlfZjRgvGzVmwOXrUEBiA8BMCn88Bq

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
x-content-type-options: nosniff
x-amzn-remapped-content-length: 198
x-amzn-remapped-date: Sat, 10 Jul 2021 03:21:56 GMT
x-amzn-requestid: 8fa393ee-8ebc-459c-aab3-04368d7f7488
x-amz-apigw-id: CO_NKGBLGjQFctw=
content-length: 198
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
access-control-max-age: 3600
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: *
x-amzn-remapped-server
x-amzn-remapped-connection: close
expires: 0

OPTIONS
H2 200 cotacao
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/29/ Frame 0
0 206ms
206ms Preflight
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/29/cotacao?cidade-id=4854
Protocol: H2
Server: 54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-233-92-4.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth
Origin: https://www.confidencecambio.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:55 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 9c8cdfc1-96c5-4d35-9031-319f76e82701
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,auth,agent-id
x-amz-apigw-id: CO_NIFUCGjQFdSQ=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-expose-headers: agent-id

GET
H2 200 script-push.js Show response
script.joinads.me/ 1 KB
1 KB 13ms
12ms Script
application/javascript 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/script-push.js
Requested by: Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3cb238c7630ba8bd60ede523b57d4b3619086b3c54c04297662d2fddc65c6c4

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 03:21:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 31021
cf-polished: origSize=1468
cf-bgj: minify
last-modified: Thu, 01 Apr 2021 12:59:37 GMT
server: cloudflare
etag: W/"6065c3b9-5bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F5WgS3PWZ%2FnnZqT%2F%2B9mNMLRwbhtVaxIchjPmDtlYE0SfqWne0YpDsFb%2B091Decho%2Feo76N9mqxsdQfDNdZh3RxVgrLI2ceobpUUjSCeVmxwMfgF95Wbw9q%2FpVVXvgGrNpvz84FfTnb97VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 66c6aa2cdaed4e25-FRA
expires: Mon, 04 Jul 2022 18:44:54 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 50A3 16 B
232 B 82ms
81ms Fetch
application/json 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-6-221.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 86ms
28ms Preflight 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 649C 16 B
232 B 81ms
80ms Fetch
application/json 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-6-221.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 85ms
28ms Preflight 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame FEC4 16 B
232 B 100ms
100ms Fetch
application/json 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-6-221.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 82ms
29ms Preflight 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D983 16 B
232 B 85ms
85ms Fetch
application/json 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-6-221.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 80ms
29ms Preflight 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 0861 16 B
232 B 99ms
97ms Fetch
application/json 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-6-221.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 78ms
28ms Preflight 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 cotacao Show response
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/35/ Frame 9AB6 198 B
815 B 287ms
286ms XHR
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/35/cotacao?cidade-id=4854

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/2.519f1a0a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-233-92-4.sa-east-1.compute.amazonaws.com

Software

Resource Hash

7584c10ead5aaee899829f17436f556b074eeb8d6ab96f1805b1d7a5fe5a3a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.confidencecambio.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
auth: $2y$12$M4fgZx/W7r9yRWtkqZ7yx.cBlfZjRgvGzVmwOXrUEBiA8BMCn88Bq

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
x-content-type-options: nosniff
x-amzn-remapped-content-length: 198
x-amzn-remapped-date: Sat, 10 Jul 2021 03:21:56 GMT
x-amzn-requestid: 1cb82ac7-40e8-45a7-a580-51f79eed9895
x-amz-apigw-id: CO_NPFuMGjQFf0w=
content-length: 198
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
access-control-max-age: 3600
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: *
x-amzn-remapped-server
x-amzn-remapped-connection: close
expires: 0

OPTIONS
H2 200 cotacao
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/35/ Frame 0
0 209ms
208ms Preflight
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/35/cotacao?cidade-id=4854
Protocol: H2
Server: 54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-233-92-4.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth
Origin: https://www.confidencecambio.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 31ed91a7-223d-4f09-b96e-7e98a7c3fe1a
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,auth,agent-id
x-amz-apigw-id: CO_NNFr8mjQFaUQ=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-expose-headers: agent-id

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7AAD 16 B
232 B 73ms
73ms Fetch
application/json 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-6-221.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 28ms
28ms Preflight 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 cotacao Show response
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/57/ Frame 9AB6 198 B
816 B 275ms
274ms XHR
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/57/cotacao?cidade-id=4854

Requested by

Host: www.confidencecambio.com.br
URL: https://www.confidencecambio.com.br/widgets-de-cambio/iframe/static/js/2.519f1a0a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-233-92-4.sa-east-1.compute.amazonaws.com

Software

Resource Hash

ff9f12ddafcc8a8e141d3a26721faada5ee1a4c93f50ee1987fedba0af4c933f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.confidencecambio.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
auth: $2y$12$M4fgZx/W7r9yRWtkqZ7yx.cBlfZjRgvGzVmwOXrUEBiA8BMCn88Bq

Response headers

date: Sat, 10 Jul 2021 03:21:57 GMT
x-content-type-options: nosniff
x-amzn-remapped-content-length: 198
x-amzn-remapped-date: Sat, 10 Jul 2021 03:21:56 GMT
x-amzn-requestid: 824ebf7f-e4f2-4d72-8301-a29f64eb88e8
x-amz-apigw-id: CO_NUFWomjQFVmQ=
content-length: 198
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
access-control-max-age: 3600
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: *
x-amzn-remapped-server
x-amzn-remapped-connection: close
expires: 0

OPTIONS
H2 200 cotacao
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/57/ Frame 0
0 206ms
206ms Preflight
application/json 54.233.92.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b8pybk7hl9.execute-api.sa-east-1.amazonaws.com/production/white-label/cotacao/api/v2/moedas-operacionais/57/cotacao?cidade-id=4854
Protocol: H2
Server: 54.233.92.4 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-233-92-4.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: auth
Origin: https://www.confidencecambio.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 03:21:56 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 762f3d56-359b-4df6-9335-4bcb0b677a3d
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,auth,agent-id
x-amz-apigw-id: CO_NSFNHGjQFRMw=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-expose-headers: agent-id

GET
DATA 200
OK truncated
/ Frame 9AB6 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54c6bf232517d485ab7b1f05b811e732fe2203c5e3804d69d4d0adf74cfbdf83

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9AB6 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c2437368d584d50506e86b8c4a603b3db672aaf71973e98d23e57796fdd48b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9AB6 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9196c9fa48d00c8fc345c3a2da0cf0bdd9cc35f1d7e8d9b4c53e3de04755514

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://www.cidadesdomeubrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 03:21:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/67BA)
Age: 990
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPIJnpeDmaP8nIjRWfNihCnjKPv6N7DwXymPzjTny42TjJZH-6Y1Csk7xJmeSuDqptFdkKk4zxRTdsD3kZk6G5fhEaRi6LC1&google_gid=CAESELXVMXMl85wrFVEgS629Ryg&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_gid=CAESEAia8BLqdfMVlsjrjZjDjZg&google_cver=1&google_push=AYg5qPLX7_IP30UjJCGZSuPbcVE15n2Dbq04Iqd175L3kNOsu0DyMHTU9inWFptr-v78_kzvSRovIQuTs6FI0o0dqwW_WL6-J98gBQ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPI-T1YlwfXavpriiSn9UXqWGiut3XEfBXL1G1syg7rW1FPGjLIvnQ2I-VpB8K4Z8-ZHTjfg0BIyhqQHgKbsCMGSd7V5teHctw&google_cver=1&google_gid=CAESEEA7TN7zLzUa3Zo-hFhoFyI

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOkSUlxExawOgGZTtWmcbAAABKUAAAIB&google_push=AYg5qPJ0bQWOZGCBvMuxVzbJnABeT5aY7PMuUHoasdUtj69D7MFBhW2hOZIY_lqJ94JxC9rl55IbCuHnQArtNWv909K49avAOqgO&google_cver=1&google_gid=CAESEIH0ivx2Co3tyJbp7ay-Gx0

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.cloudflare.com
ajax.googleapis.com
analytics.webgains.io
api-public.addthis.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
avsplow.com
b8pybk7hl9.execute-api.sa-east-1.amazonaws.com
c.statcounter.com
cidadesdomeubrasil.com.br
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
creative.prf.hn
d.agkn.com
diapi.webgains.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
khms0.googleapis.com
khms1.googleapis.com
maps.google.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
platform.twitter.com
prod-rtb.ad4mat.net
rtb.openx.net
s7.addthis.com
script.joinads.me
securepubads.g.doubleclick.net
st.avsplow.com
static-de.ad4mat.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
track.webgains.com
v1.addthisedge.com
www.awin1.com
www.cidadesdomeubrasil.com.br
www.confidencecambio.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
www.travelpayouts.com
z.moatads.com
cm.g.doubleclick.net
104.111.239.217
104.22.53.65
104.244.42.200
104.75.88.126
13.225.74.47
142.250.181.226
142.250.186.162
172.255.224.36
18.195.172.136
185.106.81.236
185.64.189.115
2.18.235.40
216.58.212.130
217.182.200.29
23.45.99.241
2600:1901:0:76b9::
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:12
2606:4700:20::681a:677
2606:4700:20::ac43:4a81
2606:4700:3032::6815:57ae
2606:4700:3037::ac43:c5fd
2606:4700:3039::6815:c044
2606:4700::6810:a723
2606:4700::6812:acf
2606:4700::6812:bcf
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d01c:1d8:8101:939a:325c:ab79:c5b3
34.98.67.61
35.186.253.211
35.244.174.68
46.236.13.147
5.150.170.4
52.213.6.221
54.233.92.4
54.94.210.112
69.173.144.165
81.29.72.47
99.80.199.35
0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4
010f26513ba0616c47e83ee808a09f3c18f4d31a4cedeb0ad05caa13c0c02280
016b9d9fb52f78feb437e7d91a50552aa98e5b95878db374619f4fef2eb9b508
022968a324e32bedab30714b0884debe6a10258ce97a1edb8897283d0aa848ae
04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1
04bbe8394557e5111dbc18bcb4e8649d1066cab568019973c93a42a2f7b07e43
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
066b518157c0645441c5536641050b68bdc7db05354c17111e32b3e31d45a0f0
09122f2fbd64bca8a77e3d6e1244dae9e4353dd7151484b8125b2d6252695c0a
0aa6a4739af4439a3b369f5850f634271761cad57968898a86a422bbe651f4ad
0aade4473b4c7427f41a5b3aeacddf7a2e3532f2b7fece88a77644ec0e27d81a
0adbf5451d0a1fadd4d02849b57bb6dc2520ef42d0ec81d0c2fe7687f88df70a
0b4b219ae6070f4d43d7dce59917096e1aeda2de69480c7b3ddf64799554ebfa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6
0de4efab6acbe4500fed3d95a030a7476dc74ebb489e4fe98f134f3b2d22c1ca
0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
0e64f2be0f62635b421f326b91988ae61f0835523591ffa04bddc6b24c5035a2
0f33db46e0e9c76a6349531a5e9d38eb2ac889a55a2e22e8e8ba5039cb5bbd4e
1279eb714b0bdb2a1a04fa682d01af64f0f06859c25a0ba44142d82879ead0e2
12ce70cf64511a1633c4225f1a1a44fbb1ce908beed8e2f7977d77cb537068b2
14522f456985c573b657c454560d83db2e7dac42716d420cfe9e7094090b3ec9
1492fc36bdc0b0ea67d7e32fdd81b4c7814610865b1a7eaad9a1d62da188947e
1498880ff28e0ff18146cad873b5939c151368f6bffd83f5656b97741dbc07b9
156213b0372262eade37f97b75f746d33082a716992b7be5510a9a0905b6c5d2
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
18ca32a214b6a47e363f7b40179f34d9d8c2de0fb3545315d0241a0713bc08e1
18f37e27d83b099a8e2f574e034874835aec95a932d90a8c202a5a7cc856f56d
1911f0c9e8166e98871232d515bd1348dc8004dec5ad139f96bb4a623b4cea88
1cc789bb41a456c0cf7803309faa9335baccc4ec281468f9db3de37eab21799c
1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005
1dad2ea3fa922940fcb1bf197555c4d4e11f39bdf5a1cbcc500b1891e55fb14b
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
21618d033d8a8668aa26b6caf5b7f88aa450fe55893393afd7f01fbeb5ec6b2b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
28ac98f7ae1c54282cdbdd21b577e75558cbd42cedcd72c8ebc6ce9512e39032
2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9
2a7cda1b9885b1dc864fe64017c2b274814357246160b7c491bcb0c1454abe8d
2b217e1110eb30ab95f4650617bdd136996ad9547f5bacfada3c6704874a6e3e
2b90695fcb7d616d9614711b7425564093d426acb6f38ea9a6122fc355054d7c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fbae60bd2c5fed95215cf55c261f3600de7d533c123377547a1273475255e51
306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a
307870ffa14933218396c5b286cfcdfdf82d2c086a6683f1d5eee0e3474f8b78
33a6e8e90248fa8f50908bb96043603e1ff9f87099532e342c611100818dfb46
35040c45a22ad6d3dbb05e5e7f9860d7833340defa46ad39afa7ac3d5982e59c
387a24eba1d0ec72de48c07da1e702c82ec6d21dbf50bc3fd0c70d34534117f4
398cf020437e1ae1ae467570864c2ff8a5a60b52bf4e60964ff767b9eeb2a09e
39d0fd9943a1069718bb60c51587b8a2b7711d562766565fafd8ac6050e44cdb
3a060fa10e3a561546de2f2893019c312e559e4dd5d918e5d3cfe85488a0c1a3
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c8c497862985eceb10e1b15204723018ea888199f13e30f28191379c2355c35
3f019692d116d705c8dd2b46201276f31c0963caab069da0a789f10935e6be17
401f27c1231fa2c6521f3ef34c35501129f9a1b80431acd133b086ca97a44dae
417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77
426abaacef5963d5c7868178ef4e7e062cad87f793f3fb18ced0fca05937febf
433d4360b965818dbc575bf820d459881c6ddff7be1a5b7c84fbbd31d06b6755
43e36249e360515a38cfc9b02e137404deeb30fd9c36bf6a34f69b108a36e839
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
49b17617bdd0746bb68bde695e970a5228777a5247b9fc9793e088bd9b3eafc9
4b01f1d4f25f792a5aeaf377e16c55ac53a94ea3e5696d98ee6de29e74934d07
4b9278d6c532856fe45e8d1d89f6dd05a3c5a58117af23468143437ec6796225
4dcd1f8e4969e28fdbdb5e6294be4b2dbf14805d2eab1b4d4fb9afd1498bd92b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5243470d2be31f9aaf768f030f06b894aad081801460b75f6b396aca06fd8dda
52d4b646471724fe2c7622d7163dd3a04e8373fec809253a06b2bd91322b2383
54c6bf232517d485ab7b1f05b811e732fe2203c5e3804d69d4d0adf74cfbdf83
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223
5eada88b2579d5a38393f58cfd7bea6f8386c3baad4103471e1b098a736daf39
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4
62c4dfeaffbdce7e5e0a6da60f69d9f8eb231a508eee8c2389b4f8bb6bc63e3c
69e3cc6ecc85577ba972970520d0a4abc0c253ad2b714ac4ed0429025bf959ba
6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8ea1db2ee81ff3ac3de6a2c22eb8d1ad49e7c2fa11fd49bfa95f3d8c8a98f1
6d0e83e2b334f34aafcbb4fc618c336353f980a10ce712202cc1a71b8d153f8a
6e1003dd31684349e0d97d9f8e03f7578af1755a2e5dc386a15f10ef6805d868
70c3ba784acca2ff0dd2c904ec4141f7d047134c221c10fe67ee89af3124f686
70cf5635dd38c801dfab033f852f0eea3cc63a148f47be16855705c495af385b
7148bc21f3607804de61641a2fbcaef4898923cf112dc206085497556c938006
717f64a3d076670980a6f9fb174d2140f64c9b22069a99bc487936ab2946fb7b
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
732b8383e938e3c1cd52ad1b39ed9d8649ca3a5c9acd67fc55a237064ccb2a26
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
745cd249aa9496dd24c88ae597827d4e82ea76e53eeb890fb85ce2a56a4863d8
7523c6178bc8af066c135d6dfb7191d269d486581c0032fefa46f8278a45a6e5
7584c10ead5aaee899829f17436f556b074eeb8d6ab96f1805b1d7a5fe5a3a49
78dccc17c6aae34a53eedb8eaf364fac37919a1960961705fa20ee8bf80def81
78fa740b517c49d5ae7a5661324e5e3f0ae0cdc686602342ae96f0bf1961e500
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7aba1186b73911d9422fbdef504b34963dc896c16c53daacb94c06d304b3653c
7c2437368d584d50506e86b8c4a603b3db672aaf71973e98d23e57796fdd48b4
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
814b03088e76da2284b3da0dc507c9128f024a958d54eb187149df085d0f0149
821250767bd50524ed67253ee376cdf68171e1ae23439b99feee338bd330e023
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
84ba4448da399ff7fec6460be55426bc6fe6b5b9511da3eb4d049dd4f98723eb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
86349ac8bdc9fc286891cb136cd4504d1a43aee11d6cab771fef85d65bbff4be
863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1
8a8b7a584816c18bde614bf83972afca3c729e0838d264a8808ad131e1008cba
8e3403b31ac01828040b94fce94376d468f5e792f049fd14c343aebb59666d05
8e4e37bb43251edf5529629ab7723dca4abd95cf647b1b982691bf8bc1582b13
8ef0511010576851872bfece2d54ac4966c569b7cb7302b339453f6e3a3fdacd
8f90ca8086e3a8827af8a77f407a2a9533d6c507b22c369f8741b6b83133db66
8fc9caebdbd3c806b3b9e5dacf22f17beb9ff689d9fa39c813187c9551aef4e9
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
90285159d99fd521affa03a3d6a6623343cdd8364f9e9d029a316cc7486c402a
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
90ae02b9cb1f71c8a81d7a4144030b14c41dc35032c88f1f77077ca49057f046
90d6848aaa2bf0aac1fc5852d38aaea7f8f69b05c830390d7bb1488dbea5e0b3
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9433e12c60d527ae1ca8a4b35cb20ed5047b10685a15fe9b1c64f753cc704b22
953af01affd97621869fdb141a98da9fd0e2a1417ae0e3f27c0c3cd49032f5af
95496ca3ede696d642cbd818643834d0aa556c690dc4565e5576ed3b5dcd11a0
966d5583825259f5acafdb1f02024fc2399fac2275e9e796d454a534013f84bf
96aacb896bfb0120ff20bf9c7f4ac233cadd0da2da9cc0d45ffba5b0cb228fc0
980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd35cc4401a0578e841358a217037ef301fc9e13b24283f3aea8c1531a7b127
9bd4667051083414e6918c646422069fdd0292fb55aff0e8b807ec4fbb496c09
9d4f2661929f711ef9c750769581e09eb846559685aece2f7ae9d6ea6314508f
9e9b05e5c8c113f2f1455100df8c7672b9da25c21ab5cdafe2ed64867e54ad10
9eac97ead5cbc5b0d0e26d7bbb71aa023fa12acdfa121a5c06cb050284f7ee27
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a27cbfc2213236a7d92860429dbbf1eede2002978cb1353c77716126eff0ac2b
a2f45ef83c69197060e287517c16df9cc502e35157e11c264cc8ed7765b832d1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5fbcee8b913220df7e5e701d1dba54f06aabe3394fa2b7fd950f65f44e653e6
a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e
abcab953b71c7c1b5dad1b94c08f7a638f23a36ddfe6c820ae6b0a6bfe0bf77c
ac3eeca60942d529397f7ff150518325e4557841bdb18c005e06014414049cd5
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad44ef6451353b0c8f82201b360e7f26081ae82976d23b7e2b5aa3cb598a1404
ad4ecaaee5f8f96b64a28263a8bca25f2531d0f78fa690f76dcd484c73dedcec
adb620ee37c3d37a2917a61950a2ec321a905b5a8d1aa96ea78a45c69bea0f6a
af8a5195147a1d810e1f51d7a70a35f25d351013d8e7c5d5049a164cd471ea60
b0b95bd7638811cda57f29081e92f7ee23c9becc762cf53b224f6e9c292bf2d4
b214b1960b294d5c4044229402ee812c39e60f148adb6ccbe8d7beeb95e339fa
b2ff60d3b1b11151cb6e05ef063e4c607501ba1b4af8a7a0e733e648e07bbae9
b34f1321f23b0654b46a9b843808724e531a1dcc1e857791577b6ed596f33cc7
b53381303a6bc0505e09d23f4c49c2e48e90493b8b78b9f7372682d0d27ac5e3
b5bda00a5ec63e26748b9f40cf1356b3823db279199d74813874255c748657d2
b5db35a2e9ec40eea7817702e18c35b63fcfbf51e360fea3b13009268d55b05e
b617223941d8f01293957124226dbfef7c815b1b5674222831d06383c56469c0
b646254c38519b4d5de682f9ac8ba2871e87f8a4e2941b7c991245796af87f5f
b8b0f6d014a6aa8c6fddcbbbf72b5f76a9c2f4f2776675455f4e49727f8b5634
b9ea87a15858e15ffa66cbc11f70b38c07bb42e54cebe376daed008f9797ab10
b9f86a6b444db2db30a5f282abed5dff3e9f5c4e4050edb828159eb3e4bbf326
ba5778135c0d9d70f2b481f1f97fc2931aa772070653326bb4fc1cfa8caf52a7
ba81575d1851b2329568f5c45eb680a78779c551510c6a41cf469b840b30a0e1
bac7fdfa05f066e43d812aa72dee270c6292c5c36a1b379f6952a18905e07aea
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1c9a62d606eeb1adf03687f31b32e2f73d52108fba102965b296da39bea9533
c24cc889553f5aab2f690d53a52bfa7c65d57f3fc7053278b933ca3523865c89
c2b6ac1099559f5403bed316b0c1272efb0b6adfa66f43bddba9ade1e2739f9d
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c3ab0e3b33d9d8629c5d476b3b1a50b751c6fa8cf19192382ec623ccb8faeec4
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3d51a1715f24f92931d3943e76ef6497699eae9416a56a041e15767c40da15b
c5188a8f33fbb436c1cee4016b445aa5680c35ed430c0fe92e78650403bcb509
c64562e022703ad663cdef6d4176f2b7b5dcf7647bed3cb3bf64d79e89fa4ef6
c69e528427c8218cb4bc5fe647db3366146403d53593a3f96482479a14eca234
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c95757e1aa6783796e37ed7d409d3828e765017579664a1addb24a4f774f547b
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
c986e944563550b0e775551e4d18fa43ca0e0eccd97593a36f80b38635c7b0d4
c98a4fb705eeb1aa45aa3187b52dcb648379f0d31aaf8bbc6ade524267326da3
c98f6757ff5ec7a52324f1a5d79df9318dec6930814dd1c94da07f251e26081f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbcd4116f12539e1e298f25b8b48c1364fa427460f76e7e98f5b9cc84f9bb045
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd4a1945959373df60660d935adc75dd48f6eaf4f442c4d7abae6ba90827a971
cd67ee7ca8d8e8492d61c34033243e78d6f478551aaba5ee30367cc47c53f4e0
cd86e74f1fb2ecbdf19c9e23db2f9213001ecc7e40737a562d7b919391fbd4f3
cfadb071f1c8b7bf547bc6384603797cb8199b22e6fa2c62352625368899aae0
cfea56ae43b4bf295f24053fb772a67c26e1a7e40f4c54af80552f063c7416c4
d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d35beef7565880725cd855c589f94ada193e28a77c03091ceff35693d371301c
d4a286dd7fcaba0afc93221067a05dbafed6bcd77e11dba1c4edab0e66a94220
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d73b123cd2ef3afda65cb6e76579341b1bb1f27faddb0dfc54875e7a05b0114b
d9196c9fa48d00c8fc345c3a2da0cf0bdd9cc35f1d7e8d9b4c53e3de04755514
d9369282c828335f45400c6c62faf94a6d95b2d4b839eb126db2341d5c904369
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
de2ea29625b3303dea1640cb771993d90d09b484c9857a4dc83e98af123fba8c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df699f56dab941fd9fbdeb804e143712e93ef190ea756bb4bdea8bdbc869c6bb
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e0774d23cf392d1cddade29911104cef31c88233d58c4451f7cc001ddf102c37
e08459c59f8e297697e056546ae0624160fe6a6055a8f1455b0c88e0e702e48c
e133a6e548998d84761bd97b428e6bde7deaf710bf2680cc0029763616f5b001
e25b2a3ae03d6577d99ac134cf69470643cf1f82070381369cee1f165e7481f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb238c7630ba8bd60ede523b57d4b3619086b3c54c04297662d2fddc65c6c4
e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111
e4631d490c145371201806b625cdc220cff52cad4b995ac42c62aea80cf82397
e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c
e71d0a022f57311929fb9ed766c263631d49919e64c85326aeedc9a11c613101
e8cfa5abd83b58ff66423b3a04e94a9dcf0a2beca8ad2dbad90f395ed7497ef7
ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ecaea3a98a7bcc09c7b092a3263675f0360dd07db27b6550d1c80cf71488592f
ee2fbe0a1c5c5a427598a86fc8b061de7e6e6675f3e1c19a808c0d85b5539dca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16e1cb28067e3d13d953e07794d6b724aa73a2965e68ea7373259c1b8ec5dbf
f3147bfcdd9a4bea44229731b57d9c817653e18689148ecfdd3731d5ac90c4e2
f5027ece6fa5082e3668404f1ed69b8883b51b3e03cb43d2f98370c0b8629dfe
f8b03d71e7bdddfd266269c45fb7d204cb157f5581cea0adb93b815735c9d05f
f9f9512ae57b104255fac5d1443ea3a9c89e9c1ec1c3fcef5d2571fb41149aac
fa56af49433977037108c60e8496fca0d233b078a72f10d9a16a95ee029b0a65
fb4775089ecb485af391046549d2e1f25587e295fd814a61ae7c2c1fba03191c
fc7a34d9649e1ef0f17a6fd80b90bfb4575f47aaac8e257f23deebea53c3e52c
fd140742c354c506c7bb90f383e236b9b6886581b286fa810ebdd27540181846
fd338f829b37a85daaccdfd14453413263221708c477ff625bd998a16c7482f8
feaa469fe4eec30dea7fee1f7123821a7c45404a6e6df4202e733b2dd87265b9
fee2e6a6d1da0c81720666bad60f56e963168d93bbf9defb07fd8cceb68bacce
ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3
ff8ddb9ac6f4cdf5652092d06ed3bef42c1b6577750ca0450d63202038a9ed26
ff9f12ddafcc8a8e141d3a26721faada5ee1a4c93f50ee1987fedba0af4c933f

www.cidadesdomeubrasil.com.br Open in urlscan Pro 2606:4700:3037::ac43:c5fd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

417 Requests

99 %HTTPS

61 %IPv6

41 Domains

65 Subdomains

58 IPs

8 Countries

9644 kBTransfer

15992 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

417 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 25 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cidadesdomeubrasil.com.br Open in urlscan Pro
2606:4700:3037::ac43:c5fd Public Scan

Screenshot
Live screenshot

Full Image

417
Requests

99 %
HTTPS

61 %
IPv6

41
Domains

65
Subdomains

58
IPs

8
Countries

9644 kB
Transfer

15992 kB
Size

0
Cookies

417 HTTP transactions
25 data transactions