urlscan.io logo urlscan.io
SecurityTrails logo

peticaopublica.com Open in urlscan Pro
2606:4700:3033::6815:1426  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Effective URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Submission: On October 26 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 14 domains to perform 103 HTTP transactions. The main IP is 2606:4700:3033::6815:1426, located in United States and belongs to CLOUDFLARENET, US. The main domain is peticaopublica.com.
TLS certificate: Issued by E1 on October 15th 2023. Valid for: 3 months.
This is the only time peticaopublica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 14 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a02:2638:3::3 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
2 142.250.181.226 15169 (GOOGLE)
103 22
1    2606:4700:3031::ac43:bf4e (United States)

ASN13335 (CLOUDFLARENET, US)
peticaopublica.com
14    2606:4700:3033::6815:1426 (United States)

ASN13335 (CLOUDFLARENET, US)
peticaopublica.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
10    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
11    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
14    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
27 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
389 KB
16 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
csm.eu.criteo.net — Cisco Umbrella Rank: 7577
25 KB
15 peticaopublica.com
peticaopublica.com
103 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
122 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
146 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
65 KB
4 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 7499
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8894
114 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
236 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 720
fonts.googleapis.com — Cisco Umbrella Rank: 113
95 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 11
865 B
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
www.googleadservices.com — Cisco Umbrella Rank: 178
608 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
region1.google-analytics.com — Cisco Umbrella Rank: 1878
21 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
89 KB
103 14
Domain Requested by
17 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
15 peticaopublica.com 2 redirects peticaopublica.com
14 static.criteo.net ads.eu.criteo.com
11 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com peticaopublica.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
9 www.googletagmanager.com peticaopublica.com
www.googletagmanager.com
4 www.gstatic.com googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 fonts.googleapis.com googleads.g.doubleclick.net
2 www.googleadservices.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.facebook.com peticaopublica.com
connect.facebook.net
2 connect.facebook.net peticaopublica.com
connect.facebook.net
1 fonts.gstatic.com fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com peticaopublica.com
103 21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
api.whatsapp.com
twitter.com
www.parlamento.pt
Subject Issuer Validity Valid
peticaopublica.com
E1		 2023-10-15 -
2024-01-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-04 -
2023-11-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Frame ID: 60C053864F2F6A120E059735847C7E58
Requests: 34 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fpeticaopublica.com&width=82&layout=button&action=like&size=large&share=false&height=82&appId=227435127401392
Frame ID: 51136869FE4BD9B3F7352F013B0B1FF0
Requests: 1 HTTP requests in this frame

Frame: https://peticaopublica.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Frame ID: 9A48FF366C64FF05876207050AA43097
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20190131/zrt_lookup.html
Frame ID: B38CC0537D2258F6B64D68B5B611FB4F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Frame ID: D55D362A815B87D89E51969E63ABA51B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&adk=1812271804&adf=3025194257&lmt=1698324398&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x540_l%7C308x540_r&format=0x0&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598103&bpp=4&bdt=510&idt=287&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=7835028558528&frm=20&pv=1&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=297
Frame ID: 3D6347A85C4C1D6C622D1F2088E8B674
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2FB9FA7A20B72D29A6055F553A77DB5A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0EDC4577DA300E03BB26A4C8871A1A5E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Frame ID: 76BDCE431FE06325D4B748972A526CB5
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7E7D47515BA47E693198928FF7147E5B
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Frame ID: FE808D40F393F40EEFD7A8EF562E3C98
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Frame ID: E47CB160B1F5F32B471701FCC6DD288E
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C1FBA63250B82439DE8F47DD203F6F3F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EF59417ED75D43AD4E3339643A021A3E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/goqpW93bp9aeFbbQx7VuMcxuxw-E00l_j_Kc0hv6SrY.js
Frame ID: 791375D3E037D5BA2001A1C6D498ED5C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/goqpW93bp9aeFbbQx7VuMcxuxw-E00l_j_Kc0hv6SrY.js
Frame ID: 397C20F584B48F0129CBC3511A98196D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB320892F0059852420722B33C4260E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 43242B9B4A0E207177FE517394E16458
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Divulgar : Petição Pública

Page URL History Show full URLs

  1. http://peticaopublica.com/confirm.aspx?id=117993,374771,92897 HTTP 301
    https://peticaopublica.com/confirm.aspx?id=117993,374771,92897 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

98 %
HTTPS

91 %
IPv6

14
Domains

21
Subdomains

22
IPs

3
Countries

1407 kB
Transfer

3867 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://peticaopublica.com/confirm.aspx?id=117993,374771,92897 HTTP 301
    https://peticaopublica.com/confirm.aspx?id=117993,374771,92897 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://peticaopublica.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://peticaopublica.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Request Chain 44
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 82
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 91
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CyALJzns6ZcuJGvaKwuIP3ImCyAbBzLroc-yR0ayoEcCNtwEQASCB7ooKYJX68IGMB6AB7fK2pAPIAQGpAuU803kfsbE-qAMByAPDBKoE4gFP0Mw2fcDTTFzw3dCtSBIeiZWCm_ObUeHAR3OlozbEVXu526ekroUCErzWvl4sxps1yiRbfGY80hklf5TYX4WzHfV-x68dwbNBHhbU658pd-di21gVJFSKjsNNnSQKJu7R4ISZi8DbTuFgD2rfXqiwMek7ccVTllLVEJn9YONLyFUIXhyr60ossAc5v7pkvWnirKUzTDpRh5MOpf8mAHWOlQ8BBqcQuZ4irvTzyXhD9CkH80DjwbGFlX-HRWcHUTM-xBqPwPNNHHwb543bAEoW-_euWMbyL3wHvVGva4vlUNfxwASn6er_swSIBev9oehLkgUECAQYAZIFBAgFGASgBmaAB_uMyVuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRDQh4gB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJImh0dHBzOi8vd3d3LmthdGFsb2dkcnVjay1iZXJsaW4uZGWACgHICwGiDAwqCgoI5LSxAu61sQLYEw2IFAPQFQGAFwGyFxwKGggAEhRwdWItNDY3MjY3NjA0ODc2MTMyORgA&sigh=UVDUhkzzVfo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNRKeXNVw0V39TEQitsC-7NtXEpYpaiwUKaVIK0dEaLmB_0I6ZpP11Il8nhU1m6rnrXlmxxoicF-yH8hkr6ZkCmnWSzQwwGRgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225901375134922459469%22,%22debug_reporting%22:true,%22destination%22:%22https://katalogdruck-berlin.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22881703277%22],%224%22:[%2210-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214162629318992714913%22}&andc=true

103 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request confirm.aspx
peticaopublica.com/
Redirect Chain
  • http://peticaopublica.com/confirm.aspx?id=117993,374771,92897
  • https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06791fb5b0dfc1198551e43af58f5c598b7c7a79a108285d53e734cc3901efff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
81c37d644fd81957-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 26 Oct 2023 14:46:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vr%2B6zFpV53HtC6m5tsaIdpaVO7z8TLS2nmUrr8qvFzLMYnMnyCNFeHtl%2FduH440FzOe57NekskTGRIvaFxC4oDUA9WQzFYLaRdy5O3FdKRvdaJJtr1rV4UwcEVz%2BPkaU1sbCbVGOFNEFIHcg0V9F%2Bjw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
81c37d639f499c0a-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 26 Oct 2023 14:46:37 GMT
Expires
Thu, 26 Oct 2023 15:46:37 GMT
Location
https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLh4jZAQ%2Bs5h7WlSrry%2BXKZ3%2BnU59J0inH33aeaNI6uC6a9TGDeO54WZPi3aWdsfHjB1ougJa4mDwhuPGvohC5Jf9Y3y12tt8orCdA3d9a7bIxPRVWI1ojHuY8D%2FEqGoHEdpMriMSrBSLVz%2Br%2B%2BJ%2BRs%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
ppstyle_beta.css
peticaopublica.com/css/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peticaopublica.com/css/ppstyle_beta.css?v=20140131
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0544f34dc517eb791e50ec51ea4f991fe553b31332afcc3c9c8c0b0cbbab6b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:37 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 25 Nov 2015 22:44:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"8073ee5d227d11:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDrOb7EhxMDINBSncm0Gyml1O23WERclsn119Z5qWKuDY9oYMnHAFFpcqQXdBk078xlBmIkWMYB0d6to7iUQuCC4hgy82NR65ez7MYbq3wnJy0lc1fVXLzx22sssxXa8DhYU61cQMGS7B6SWyn2zqAE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81c37d6508f01957-FRA
alt-svc
h3=":443"; ma=86400
colorbox.css
peticaopublica.com/scripts/colorbox/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peticaopublica.com/scripts/colorbox/colorbox.css
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086cfe73cc11df12e47f10d558660a959adcbaca1ba46c932a1af2b48d5c6d07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 May 2013 18:07:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5873
etag
W/"35d9247ce5bce1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXCg%2BF3OZwdyLd%2FFczJs9c9bdtsx0bXXF0lsl9FMrd8UDT8HWy4XnBIZ33sta50FsBRzd5VPkQecPp4osqxjEQy0xfMi7KG1NugKAekC6oElhEBIcwflrL9bzTm4zcv%2FaPLRT0xQAshK2B0qLD6sGVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81c37d6508f41957-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.1/ 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:22:41 GMT
x-content-type-options
nosniff
age
66236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92792
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Oct 2024 20:22:41 GMT
jquery.colorbox-min.js
peticaopublica.com/scripts/colorbox/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://peticaopublica.com/scripts/colorbox/jquery.colorbox-min.js
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c39e92f64292b166660818b969ea326e7f154e80aa9d0217b81188891604d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 May 2013 17:11:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2854
etag
W/"d381f76c65bce1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLtc2OehB%2Fj3X5l9IqshmAtEmUrz2Q%2FMHt1Ur7JqrtGWr4uD%2F7sJ1ANiY7lS1xdg3U2MOzhPNIJAI3LguWI94HeYn3nRWUQsJvgTBGSrhZO77XPFQu3IGiWNQO92X4Txs35sSI788Ii4b7zIIsea4b4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
81c37d6508f61957-FRA
alt-svc
h3=":443"; ma=86400
fbloginv2.js
peticaopublica.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://peticaopublica.com/scripts/fbloginv2.js
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7c7dcb3ee2357d5700144a128d0d95a3fb0589cb605eabf4a31355096dfda3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 22:02:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2843
etag
W/"996a4fb56eb0d51:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XCXUXw7QtQ2Sg601KySBmdShZ9jZd1zNb50ZxeGkoevE8otDkzgpZMgSLy2tVLHnNoHvxzC0LBF%2Fj2D%2BDUUo5%2BRLFn7WEi7wEZCs2%2BJqrYJfwYeG5v1ogJeHjnL36de85kbtvD9PXcI%2FCeg3awNECY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
81c37d6508fd1957-FRA
alt-svc
h3=":443"; ma=86400
logoPetitionpt-pt.gif
peticaopublica.com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peticaopublica.com/images/logoPetitionpt-pt.gif
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8839219bab2d7ad9d107cc27029210b4b7a82ea45ceaecd46e4b7d4ebd2f7825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:37 GMT
cf-cache-status
HIT
last-modified
Tue, 28 May 2013 17:11:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5623
etag
"a8ab8b73c65bce1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxJEUl8cJfByGaPxYbLySufa%2Ba%2BZJPwvyuwh8QwU0ejOJTBXSXs8wdUOsUvnakubM%2B%2F0lNeQmcKIlA5IRxcnKGIO5PkJxvaXOlUBuXZCWT6V5gD%2F0kb%2Flk13joDOfdpAjy%2B9sOFjLi0WdjUeqX4znNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81c37d6509041957-FRA
alt-svc
h3=":443"; ma=86400
content-length
7786
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db16faa30420da6feaded1b701cec270e74830d85bbca5187b046faeb4ae80c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51391
x-xss-protection
0
server
cafe
etag
1455892364243449583
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 14:46:37 GMT
iconSignPetition.png
peticaopublica.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peticaopublica.com/images/iconSignPetition.png
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8448835e3df21d9484bebbf99f8dcc9876fb081cb296f40104109cd4f13184b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 03 Jan 2014 00:17:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b344ad34198cf1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57EIbVGB9RZTNRAJ7lUovCp9csWmTQtGgBz6Oc3QGOQMxeA1OXQISDLyLcYfhwtuflo2rskALeW75lldFej2%2BYKYGqB5fbWCgw0bJ%2FVb4jDex9OacID8Eb5l7laJ5F7V1NZi%2FIxOXa3ZjLBa7Xd0RpI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81c37d6509071957-FRA
alt-svc
h3=":443"; ma=86400
content-length
2000
117993_1.jpg
peticaopublica.com/imagespet/pt/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peticaopublica.com/imagespet/pt/117993_1.jpg
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
185046ed45e3d5a0a5b2a2230f02e7fc2996dbb7c0854ac5b4e70869da9863be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:37 GMT
cf-cache-status
HIT
last-modified
Mon, 09 Oct 2023 14:08:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4982
etag
"dd6a2ffbafad91:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14WBx7xDHGBBOICTlmAAJgBT8Wmmo0NZ0EMLdn5FrpiD%2BdD%2Fl0KxCnbkeEYw8S%2FHtY5Wk%2FbY%2BgPuKdoVDRI21J2lQtoM5TCCz6mpgSZmd7WBn0Z8%2BVkqqi1hYl87ZKj439X5mTya5QsK%2BoPWWBfWGl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81c37d6559611957-FRA
alt-svc
h3=":443"; ma=86400
content-length
25089
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-4269839-28
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07bd1ea24fbc2f0607872574fee322a9635fcb444939d100d382173b8a9bb4f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68604
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 26 Oct 2023 14:46:38 GMT
sdk.js
connect.facebook.net/pt_PT/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_PT/sdk.js
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45b83f73cac7b8cb54c6d1244f731859cb68e95f9aec6ca50a9e231cd6d30c68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 14:46:37 GMT
content-md5
nsqbDwUVJvslmM5gtDu5sg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
reporting-endpoints
x-fb-debug
cFE3y3x9g/TNi1cr/8JF1ioRsyF//6fCqPLdXjQTXBKiv5E55aCYvFU7XbCOV1wsWoAyBFeBnUeZ2sBIJ46vRg==
x-fb-content-md5
ad64f75dabf7523bd9e0c92ce5f0a48a
cross-origin-opener-policy
same-origin-allow-popups
etag
"21b739ac149f180b633796c946877f77"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 26 Oct 2023 14:52:02 GMT
like.php
www.facebook.com/plugins/ Frame 5113 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fpeticaopublica.com&width=82&layout=button&action=like&size=large&share=false&height=82&appId=227435127401392
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://peticaopublica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 26 Oct 2023 14:46:38 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
9gPPXAmBbIbDkcBPGYrDS5MGy/A1WzdXFK27nxVSejVRKgYObubesMc9kOD0pj+4N5Heo89/x3MeiHIvAc2S3w==
x-xss-protection
0
iconMagGlassSearch.png
peticaopublica.com/images/ 		511 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peticaopublica.com/images/iconMagGlassSearch.png
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/css/ppstyle_beta.css?v=20140131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8748e9ab61535e63c1fe67c381c01fd5967e0f35f3c1e9c3ddf3f5fb933f063b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/css/ppstyle_beta.css?v=20140131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 28 May 2013 17:11:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"dcb12773c65bce1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F369b8qpbmHDPXCRsNDqgTiR3dAjmfbkgef3z%2BoN3xrHIZfr9J%2FCtyUPjGAtQvFLRs0U43HPQmV6JQgqXA2rc8dzTayCXA5RhEh%2BPkmWN6aoFiG1QCUCI0LjBsDAp11YuQ6fGbf5E9mGZAvJjoPPeZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81c37d671f989164-FRA
alt-svc
h3=":443"; ma=86400
content-length
511
bgpaperGreen.png
peticaopublica.com/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peticaopublica.com/images/bgpaperGreen.png
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/css/ppstyle_beta.css?v=20140131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf453d72100bfb884b3fef301389b289060a0fc89f94b01fef0ad2fb7c07246e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/css/ppstyle_beta.css?v=20140131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 28 May 2013 17:11:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4cdf9872c65bce1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm0mZUUDtnQH4ucCLvDcwepKgLhzXa4Ersk5RQlTLMxCjCdVKxki5nHq6PsrOocpjTtry0kgQvbmRW8ngKXOkI8mRZAE4WELrag9yprO%2BhNYF2hIdJNMkYhe79tn0W89UzQb%2FjP8DTG4lPcU3J2FQmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81c37d671f9c9164-FRA
alt-svc
h3=":443"; ma=86400
content-length
9999
iconssharesprite.png
peticaopublica.com/images/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peticaopublica.com/images/iconssharesprite.png
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/css/ppstyle_beta.css?v=20140131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0ffaec03631fe89c3f8891054f8a1342c66c3bc2461362e9cd5962ef8b40c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/css/ppstyle_beta.css?v=20140131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 03 Jan 2014 00:17:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eb606f34198cf1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E07syA7jsE2BjX5hLJvjfGEsWlHaKXkLeMvCENPcjjnlXDEjzj9oa55MHB8HcCu34vDEbjufEpYmfQ4ikJCQ21Yn0J751J0%2BxjnrLyy1p3bBTOzSZjx9IwhbUIk9hqS88riX%2BDemvIu6tyqfKtgWacg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81c37d671f9d9164-FRA
alt-svc
h3=":443"; ma=86400
content-length
27703
main.js
peticaopublica.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/ Frame 9A48
Redirect Chain
  • https://peticaopublica.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://peticaopublica.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://peticaopublica.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H3
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c3ab03bf78509ac66a68d5ce65a948c70f03a3bef2d815655631c5e9e777960
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZy6mc7GVi68k5y%2BIPlchWvY2Vjv5xHZ2CsYbMuWiLCdn8Vp%2Boz3GTRYRHbV1d4inVpBl1qRItKHzn1qWs0QS2EEeMdU8A%2BzRuSVumsLk1cgSgXQIFgNwaxrOXI9w0KWLD%2Ba5wTRfPBhshnEGLtHFsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
81c37d67a8449164-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 26 Oct 2023 14:46:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8p8JViROj6TsjIBijc9ml0wO4fqcU91ajqgsQ0CrbbcfM1KaWH%2FRIldsaYvzd5ovRHfib48NjxtZXQcCIEXWhnr4yxFL1dnZ1Lb%2Bd%2B8W1pfxIM4G%2FXezS8h6ao7BvaYbhlQgxtIWnmBgU6TpurgM4FE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
cache-control
max-age=300, public
cf-ray
81c37d675fe49164-FRA
alt-svc
h3=":443"; ma=86400
sdk.js
connect.facebook.net/pt_PT/ 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_PT/sdk.js?hash=c18b6794635a45e4007870a74fd22658
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_PT/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc14236ba1ec738e5560c7f06f36e79a49b1775ba8ece2c41788bc359f0b7025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://peticaopublica.com/
Origin
https://peticaopublica.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 14:46:38 GMT
content-md5
U0/xE+r8m2aJJhRqVVwJ2A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88349
reporting-endpoints
x-fb-debug
htdtzHXd7ydDzb3W3d9aGHAb6+20T7LW8yNqNmmoijys2spiMF+q0PJwu2o/9IIkUi/maF/3ANv6gnJ/m14oBQ==
x-fb-content-md5
970b4ef4024edef5bc7d04251a2bc75e
cross-origin-opener-policy
same-origin-allow-popups
etag
"111973ce97876f4582f0f55907da00f5"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 25 Oct 2024 14:09:04 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 		395 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4672676048761329&plah=peticaopublica.com&bust=31079150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d96ca5e87eaf77e19fd327905435712cb078b430a41219cebc8014f17c58067d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137223
x-xss-protection
0
server
cafe
etag
1817080884537736024
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 14:46:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231024/r20190131/ Frame B38C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231024/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://peticaopublica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
38306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 04:08:12 GMT
etag
4569948109300706969
expires
Thu, 09 Nov 2023 04:08:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
81c37d644fd81957
peticaopublica.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 9A48 		0
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://peticaopublica.com/cdn-cgi/challenge-platform/h/g/jsd/r/81c37d644fd81957
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shuzTAXnwprby8kJSlZ%2FqkPxTBuwUSoeg2LUfVI5E%2BGnw2pmhhKH%2BO27yKgPFr3qtBmOIu9ctl6H%2FODszuVFBUG0EgrpI6fn8ANORPMao0jHF7y5SIkYvsU4sC%2FOV8V1PxaW8HhqZ4EwaQfquHqi1Gc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
81c37d690a259164-FRA
alt-svc
h3=":443"; ma=86400
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=227435127401392&input_token&origin=1&redirect_uri=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_PT/sdk.js?hash=c18b6794635a45e4007870a74fd22658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 26 Oct 2023 14:46:38 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
+kKKMW8wrQQEYnE5+8pZUx4soZencRdXBuuSev5whldcpkyhJiiYVzMWVLN9ZwMGoDfDkV4o1YfQfwAEPndS6w==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://peticaopublica.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C7TBNGVBZJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4269839-28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
664609a62cdae9fa081c232bdf25cb136847488c7c84134982c99f3f4edcb99e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80162
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 26 Oct 2023 14:46:38 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4269839-28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 13:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3305
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 26 Oct 2023 15:51:33 GMT
a
www.googletagmanager.com/ 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-4269839-28&v=3&t=t&pid=1261404545&cv=1&rv=3ap0&tc=5&x=2&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=peticaopublica.com%2Fconfirm.aspx&tdp=UA-4269839-28;;0;0;0&z=0
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=UA-4269839-28&v=3&t=t&pid=1261404545&cv=1&rv=3ap0&tc=5&x=2&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=peticaopublica.com%2Fconfirm.aspx&tdp=UA-4269839-28;;0;0;0&z=0
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 14:46:38 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-4269839-28&v=3&t=t&pid=1261404545&cv=1&rv=3ap0&tc=5&x=2&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2ccdgalast&z=0
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-4269839-28&v=3&t=t&pid=1261404545&cv=1&rv=3ap0&tc=5&x=2&es=1&e=gtag.config&eid=1&h=Ag&tr=1rep.1zone&ti=1rep.1zone&z=0
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-4269839-28&v=3&t=t&pid=1261404545&cv=1&rv=3ap0&tc=5&x=2&es=1&e=gtag.config&eid=2&h=Ag&epr=1UA&z=0
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-4269839-28&v=3&t=t&pid=1261404545&cv=1&rv=3ap0&tc=5&x=2&es=1&e=gtm.dom&eid=3&h=Ag&z=0
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie.js
partner.googleadservices.com/gampad/ 		403 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=peticaopublica.com&callback=_gfp_s_&client=ca-pub-4672676048761329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4672676048761329&plah=peticaopublica.com&bust=31079150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a1ee72441962e248a5af7e310083e3463bc2a5f515cca7d9ef88d24d73b9af8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
256
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D55D 		126 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4672676048761329&plah=peticaopublica.com&bust=31079150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5abca46a95c8e6acbfdca56af0c47590fe284a66b8de14c308199c40c57e9881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://peticaopublica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:46:38 GMT
expires
Thu, 26 Oct 2023 14:46:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3D63 		314 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&adk=1812271804&adf=3025194257&lmt=1698324398&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x540_l%7C308x540_r&format=0x0&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598103&bpp=4&bdt=510&idt=287&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=7835028558528&frm=20&pv=1&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=297
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4672676048761329&plah=peticaopublica.com&bust=31079150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cdff6962b6f2100c8004186cc7a05391807f361c0bb1142e27cd87f0f1bc166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://peticaopublica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
64560
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:46:38 GMT
expires
Thu, 26 Oct 2023 14:46:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-C7TBNGVBZJ&gtm=45je3an0v9119077083&_p=1434727141&gcd=11l1l1l1l1&cid=1381629901.1698331598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1698331598&sct=1&seg=0&dl=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&dt=Divulgar%20%3A%20Peti%C3%A7%C3%A3o%20P%C3%BAblica&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C7TBNGVBZJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 14:46:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://peticaopublica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1434727141&t=pageview&_s=1&dl=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&ul=en-us&de=UTF-8&dt=Divulgar%20%3A%20Peti%C3%A7%C3%A3o%20P%C3%BAblica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=984962713&gjid=1645583155&cid=1381629901.1698331598&tid=UA-4269839-28&_gid=1295838011.1698331598&_r=1&gtm=457e3ap0h2&gcd=11l1l1l1l1&jsscut=1&z=1586082186
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://peticaopublica.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 14:46:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://peticaopublica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame D55D 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 12:59:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Oct 2023 14:46:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame D55D 		2 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/ Frame D55D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame D55D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 10:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
17139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 10:01:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame D55D 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D55D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 14:46:39 GMT
b043ffb3bb2c6d533211f24c7a1dfd38.js
www.gstatic.com/mysidia/ Frame D55D 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b043ffb3bb2c6d533211f24c7a1dfd38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 14:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15030
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 00:39:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 14:24:05 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2FB9 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D55D 		161 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 		159 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/reactive_library_fy2021.js?bust=31079150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4672676048761329&plah=peticaopublica.com&bust=31079150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0902292cfb4cca347abda4ed02ef6738418370c954bc80e7f43ce4d948fbeaf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55371
x-xss-protection
0
server
cafe
etag
17013929660572028110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 14:46:39 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2FB9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:46:39 GMT
expires
Thu, 26 Oct 2023 14:46:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:46:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D55D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfbf4966205b930564c9a24a46b6697b4aca54e9f3caaee16984041a8c05a57f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/ Frame 0EDC 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4672676048761329&plah=peticaopublica.com&bust=31079150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://peticaopublica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
40361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 03:33:58 GMT
etag
4569948109300706969
expires
Thu, 09 Nov 2023 03:33:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/ Frame 76BD 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4672676048761329&plah=peticaopublica.com&bust=31079150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://peticaopublica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
40361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 03:33:58 GMT
etag
4569948109300706969
expires
Thu, 09 Nov 2023 03:33:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/ Frame 7E7D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4672676048761329&plah=peticaopublica.com&bust=31079150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://peticaopublica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
40361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 03:33:58 GMT
etag
4569948109300706969
expires
Thu, 09 Nov 2023 03:33:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 0EDC 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 13:00:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Oct 2023 14:46:39 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0EDC 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 15:33:28 GMT
x-content-type-options
nosniff
age
429191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 20 Oct 2024 15:33:28 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0EDC 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 09:35:28 GMT
x-content-type-options
nosniff
age
364271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 21 Oct 2024 09:35:28 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/elements/html/ Frame 0EDC 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cc933a2cffa5971635779412d5ea0fcd6d3d7950271c6784c5e44c0a76c8beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:21:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
44720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6584
x-xss-protection
0
server
cafe
etag
17761768058797188040
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 02:21:19 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/elements/html/ Frame 0EDC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8598
x-xss-protection
0
server
cafe
etag
10300645532664441910
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame FE80 		195 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3a00b214c7d48a6c5c85ce377933ba88b893610bbf739e2853a66f16db4f19e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:46:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dbIdISjhi_2JdFONR576XvMa4SMEXlnwgPIn-ZprJlrWoQiWBecxoXEBvyLp7ZT2uMcUQ7Q-AGZ6Em7fTX3pQUufZPH7kI1gaPnr3Nszx0v7VTY1B0RfX8O2iTk0A-wCYkHzNqKNBpXId2GYjhmPZt2X9Zt7gmBA5sikGV9cd3wY30VTPagS51Ep9jj0yBBRHOYwj-eQEsGvj0OA-izBPs7yGmll7X5yolYVIR8FR7nCAeAnW9rGivaxMcZd3n2M23_7aw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
69367819
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame 76BD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 10:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
17139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 10:01:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame 76BD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 76BD 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 14:46:39 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame E47C 		194 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0f809520f5e60b5c7d34c1bec3eac38b27f7c5e6c5622bb33f996437853b19cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:46:39 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uD2w5Cjhi_2JdFONfP8CYV_Q31DZLoap3Nj4nzwNVLoh8CoDKTMQ0efFjnXPOw3DOGGtkWwhsIp9ZxcWfYbZovDhjwsM2vkEUMhOVPWrI7acgO5d25s23dd2rMiZgsVkleWbpYp1cHTfnYeWiJkT-BMX3TvUr_Q9_nG2cJw8oE-SdRAf-XoSgdnFCLiaiZS8t6N0keu9aqw5DG7zNAW9j7afpHsZ7JnLew0SMMjwwSMP06SJtqXhSWvT8HWnUhrk4Iqe9Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
67158723
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame 7E7D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 10:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
17139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 10:01:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame 7E7D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7E7D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 14:46:39 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D55D 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 09:09:18 GMT
x-content-type-options
nosniff
age
193042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Oct 2024 09:09:18 GMT
css
fonts.googleapis.com/ Frame C1FB 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 12:54:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Oct 2023 14:46:40 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame C1FB 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/ Frame C1FB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EF59 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1362
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame C1FB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 10:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
17140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 10:01:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame C1FB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C1FB 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 14:46:40 GMT
b043ffb3bb2c6d533211f24c7a1dfd38.js
www.gstatic.com/mysidia/ Frame C1FB 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b043ffb3bb2c6d533211f24c7a1dfd38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 14:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15030
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 00:39:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 14:24:05 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E47C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:46:40 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E47C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:46:40 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E47C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 20 Oct 2024 14:46:40 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E47C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 20 Oct 2024 14:46:40 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame E47C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=raVul96CE6D-1zVCyUDLT1rTLHQi-GXe74NwqZNvFuLOiGG1azkioSzCFihooldk-AzG0x8tp3ao7vKrerfDIH7xPwjhZ_CjixrsqK7Fp182RPBBfDgpCYdHcRxPbqiT6ASqSoW4SG0THa7fhFnAwIEHlpld15hlQxxjL0nyJhLQ1JQKCmV3WEJSxpTZe7IwV5PPlWDEu4FqJ6KRs_LzJp6-iDCOf7CWabF2z7Q0DUyCaAUuZIa0e0ylPU8DgW21s69ui0_5b8NHLan0_rd_gnIVNBqiNXum7QvxRSN3Nhqv7r5Hhkk_yKhwFzAECC8X0ISZBfoXpauLJcZX7-SLymEhhq5qqXSi_PFfd0rYhxQG50LYaNRYxBQ4_ezPlA3TLXeV8WCW8rta5xoseQdyFtJZ_uq-J1Bcjt3b5IPtdNkfxBE9GpfVxbaO3j7vr4aQiARhGQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 14:46:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1680195
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame FE80 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:46:40 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame FE80 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:46:40 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame FE80 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 20 Oct 2024 14:46:40 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame FE80 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 20 Oct 2024 14:46:40 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame FE80 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=8xwiiN6CE6D-1zVCyUDLT1rTLHSZyVbpfMttA8lcufLqfaGhZ_S7rnF-tcMlEx6VnMin6z5RQf5ARoQc8ukZSuV_ERMd5ARHIdrH94f8J3FUJcpxIBO6_AhocXlg8V04NdQiQPhYuswG8OvHVHZuukrp76EbfuqaRqT0b8VSK-FljdMUgSrp9LXgL1pp4ZZ2wsP8MELtY5df2PU72CzxC4i0ttLcRJuG20t34AnzmhQd_nBCzR8Vy9buNf5eFpRyanjmbsl3BCTPU4UPVz5QZ9qx6pTVyqV_3WrQ5Ocsqxs5YEuq8eVMmdOrs-GXWeUIpjCUyx5AW6nTICUQ_NdrgLypVrRsXzTriwd8LtgUy96SBsATsA6v9MrzKkQRZ_wECynMXpeZZgxUXkEtfXJ7HdH_9jETyiVhz0LOdLvn7lHdjQqN
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 14:46:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1610716
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame E47C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:46:40 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EF59
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:46:40 GMT
expires
Thu, 26 Oct 2023 14:46:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:46:40 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
goqpW93bp9aeFbbQx7VuMcxuxw-E00l_j_Kc0hv6SrY.js
pagead2.googlesyndication.com/bg/ Frame 7913 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/goqpW93bp9aeFbbQx7VuMcxuxw-E00l_j_Kc0hv6SrY.js
Requested by
Host: peticaopublica.com
URL: https://peticaopublica.com/confirm.aspx?id=117993,374771,92897
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
828aa95bdddba7d69e15b6d0c7b56e31cc6ec70f84d3497f8ff29cd21bfa4ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
132427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19667
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 01:59:33 GMT
animejs.js
static.criteo.net/animejs/ Frame FE80 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:46:40 GMT
all
csm.eu.criteo.net/ Frame E47C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=uD2w5Cjhi_2JdFONfP8CYV_Q31DZLoap3Nj4nzwNVLoh8CoDKTMQ0efFjnXPOw3DOGGtkWwhsIp9ZxcWfYbZovDhjwsM2vkEUMhOVPWrI7acgO5d25s23dd2rMiZgsVkleWbpYp1cHTfnYeWiJkT-BMX3TvUr_Q9_nG2cJw8oE-SdRAf-XoSgdnFCLiaiZS8t6N0keu9aqw5DG7zNAW9j7afpHsZ7JnLew0SMMjwwSMP06SJtqXhSWvT8HWnUhrk4Iqe9Q&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 14:46:39 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E47C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:46:40 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E47C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uIGUI16AAOnYJzr91s1JeS-9ANzJA&u=%7CKZAay%2B6biTgRF%2BUp9t9rKDsUhdJkJCnnQbxYVettZH8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyHiQdXBm1N4jpZltslEHSQeBEh7p0LhkTDHqvpBBLOopjFAMy2aBSRFaEm57QWtwrRwAZb2HmstEmPF6bJXlW8bd2e9l88LMvvJBdWXo8j33hkRJDCaX3J4JEvXG9kl4ksrb2crTd-lTc0hTmeV-ca7-Juq-Ey8QWTh1MPfVbvWHzrbFVE37w3br7bFItDCaYIaqaZOEth9Fyu4aIn6VOXXxp5IEtVMv6v08bBeGp4Roe2SV7kwRp0oPSBTWI88VWGj_NXfNZ3PY0SN3dQUsJX36JlY98j-ZydPAiWa-hFGwoVxhTjdLkaNm1m4BfVojp5Kbq8pROUNlfDYYTfLKzHY4MofNEdYPgSGIMZhqrKUeA9bmPCPRkatfdIp8AzUHuAanBg0zJ-5t-R-nvyNb4-Pfn7gnSLTzAxDZ6_Nw_hrQlSTm6eELeBnFJtigkwLsWXE4P9OioIa9Y3JmfQgMy6mr0xl30wX8CYAB29SEFz6n2lRfVVop42nAQ6G1lyBWy2E8wqKwWbmrE8cnRJsYsHc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm-9qzns6ZeKtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0IkjTANHwPfecSETwuhjUN4_cyUDbQtnImNVF7LEHiS0rlCC5kcr5pDbCcco1csTX17-HtgOiGKwjtasHQqMUGMEAlXi5v13iHORF2jNL-uvZTkablvsH9B994h6B4poG8rIf3cKCJQNvFtbz0hry1VLdO9SkXETrvZZ8TAGPnI_obvk46vIBlSEbM-579HeP3fUrOecmP2pmzBh1Mjbtgzt3mJOCjFO-mZc4_d3R9lK87Ea5ivbDBJZAjLIWmK4CoSIhkZqDQbcuStLvtNvDNtB4fC6j_LScTXrI0cSsbyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eBVPN6bDtHMmejwOTsvSgS6yIXQ%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:46:40 GMT
all
csm.eu.criteo.net/ Frame FE80 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dbIdISjhi_2JdFONR576XvMa4SMEXlnwgPIn-ZprJlrWoQiWBecxoXEBvyLp7ZT2uMcUQ7Q-AGZ6Em7fTX3pQUufZPH7kI1gaPnr3Nszx0v7VTY1B0RfX8O2iTk0A-wCYkHzNqKNBpXId2GYjhmPZt2X9Zt7gmBA5sikGV9cd3wY30VTPagS51Ep9jj0yBBRHOYwj-eQEsGvj0OA-izBPs7yGmll7X5yolYVIR8FR7nCAeAnW9rGivaxMcZd3n2M23_7aw&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 14:46:39 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FE80 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:46:40 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame FE80 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTp7zgAG1uEGUI16AAOnYGPwlK_6DKCWs11KWA&u=%7CKZAay%2B6biTj7gVG8wKgn2a4m4ZNKNdmarx2ia7u4%2BlU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T5Tu-ofP-POZPSFEXltvfyEFE1rdvVCsaODxXBPCNVJbrLTtLbLydwupFEyA9CEUVCtbLHAKBXqv5mPmRXC9lQaAkggspYnDCZiH-ng-rBJkU7iuxtHa6lsAPesJ5cTu4RQ4U3Idh_iyyyHg-Ce3UmyTtYugoJGUboH0AEj3x1a_epUNkwXoWRWnHA9hq6YucMF2mTu1HzG7pKVZlfAReOoEaVWb5fx5wKlyCa0MtOMuoX_xGGzRDIsFYNn2epu_T1du9Cm-FcLJT6MiOPA2zp-nj--bLW64JM817b4viWRAMxhtpHL9kLTD0hlrILROUY4KxyIbPCISQ9KbnhIVrChARjmoACx6DF0PB99a6y-DA2GO7jBQ3KtrjrzmiRgjFKY_wwTIvWfmlo9er1HRFhFRJYltMy30GEdh9RldIhnG8oqvJMn4i1RwhdiAbW1EWmjQToaEiFGTm6z3P7yOIyrxac6vqaI8L0OM8WiXSuyPtmtJfLS9_lD0H3TfaBPgFUVcX1uBJVkEPgQHTXzP3GS5ZHqOcmq85rhgV_6MNt5fhEEsLXqxbLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKaUZzns6ZeGtG_qawuIP4M6O0ATJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi00NjcyNjc2MDQ4NzYxMzI5yAEJqQLLVTQzi62xPqgDAcgDAqoE4QFP0L1tpThP0ERcjd6jB0PFJ19paFlw_6LSAh14Xmv_WX3AwF4Eah2IZ0yrd_Qzf2M1Basv0GeIGi2LRlNJfLPUUVfokXInKYZ3LnTabNT8tDul_muFTXcVK0kApfc4VxmBdOf8Cx8IdJNqpQa7SDvRX_pzb5YMifSUfwqPVtOb_OGr8NStmyYKKFjSpvvh7uXfqMOT6XVNN0HsCI7X_dOPSGO_0yMzTnfJ79scy2DtMZbNkW0I1L8ZHddT92vC8lUxIdtPbYHutOI24Wzt8RIPzogojgbeux6CySxpQzQkozWABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QzdjLH3v7FREVJ5tN0S9Xa9lxnA%26client%3Dca-pub-4672676048761329%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:46:40 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame D55D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CyALJzns6ZcuJGvaKwuIP3ImCyAbBzLroc-yR0ayoEcCNtwEQASCB7ooKYJX68IGMB6AB7fK2pAPIAQGpAuU803kfsbE-qAMByAPDBKoE4gFP0Mw2fcDTTFzw3dCtSBIeiZWCm_ObUeHAR3O...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225901375134922459469%22,%22debug_reporting%22:true,%22destination%22:%22https://katalogdruck-berlin.de%22,%22event_report_w...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225901375134922459469%22,%22debug_reporting%22:true,%22destination%22:%22https://katalogdruck-berlin.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22881703277%22],%224%22:[%2210-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214162629318992714913%22}&andc=true
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"5901375134922459469","debug_reporting":true,"destination":"https://katalogdruck-berlin.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["881703277"],"4":["10-26"],"6":["true"]},"priority":"500","source_event_id":"14162629318992714913"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 14:46:40 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 26 Oct 2023 14:46:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5901375134922459469","debug_reporting":true,"destination":"https://katalogdruck-berlin.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["881703277"],"4":["10-26"],"6":["true"]},"priority":"500","source_event_id":"14162629318992714913"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
goqpW93bp9aeFbbQx7VuMcxuxw-E00l_j_Kc0hv6SrY.js
pagead2.googlesyndication.com/bg/ Frame 397C 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/goqpW93bp9aeFbbQx7VuMcxuxw-E00l_j_Kc0hv6SrY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4672676048761329&output=html&h=90&slotname=6728524802&adk=3680969736&adf=3315955579&pi=t.ma~as.6728524802&w=728&lmt=1698324398&format=728x90&url=https%3A%2F%2Fpeticaopublica.com%2Fconfirm.aspx%3Fid%3D117993%2C374771%2C92897&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698331598078&bpp=4&bdt=486&idt=285&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=7835028558528&frm=20&pv=2&ga_vid=1381629901.1698331598&ga_sid=1698331598&ga_hid=1434727141&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44805915%2C44805932%2C44806738%2C31078297%2C31079150%2C44806140%2C31061690&oid=2&pvsid=92945985938622&tmod=1366883008&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dLB5EVUr9P&p=https%3A//peticaopublica.com&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
828aa95bdddba7d69e15b6d0c7b56e31cc6ec70f84d3497f8ff29cd21bfa4ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
132427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19667
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 01:59:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231024&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4672676048761329&plah=peticaopublica.com&bust=31079150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ef86f7aa4173914e50b0230a8f6a1b23890f8266f1a2701ed85985b87d318b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12262
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225901375134922459469%22,%22debug_reporting%22:true,%22destination%22:%22https://katalogdruck-berlin.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22881703277%22],%224%22:[%2210-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214162629318992714913%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 14:46:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4672676048761329&plah=peticaopublica.com&bust=31079150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 14:46:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB32 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://peticaopublica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 10:33:19 GMT
expires
Fri, 25 Oct 2024 10:33:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4324 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b967d52be45de54acbaeb15fa9d4f6524aa3f7381da6b4f056aa34a6ee20935b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-baAkGAXkX4VQWI5TkgpsnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peticaopublica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-baAkGAXkX4VQWI5TkgpsnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 14:46:40 GMT
expires
Thu, 26 Oct 2023 14:46:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js
pagead2.googlesyndication.com/bg/ Frame CB32 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 12:26:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
8425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15202
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 12:26:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4324 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231024&jk=92945985938622&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-4269839-28&v=3&t=t&pid=1261404545&cv=1&rv=3ap0&tc=5&x=2&es=1&e=gtm.load&eid=4&u=Ag&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:41 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame CB32 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XN4-uA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:46:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D55D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvD9b5Co33j3a3aIlEeD0nvOCbpHQU_eG7EIWYTYs238-aGXopG7jKe1bX4dMatRqfYSYA_MJXFosIw_-P3KyIuLrpO76E9FlkJb4GQ7Z_5bzkQJwB8OC3L0vXl8MuIFoMc0oUJgjhBY_KB&sai=AMfl-YQcYlZZQx-i4i7kkjo32H_GKep1Wdgx-OIKe9y3eJlNkBkgjW_0tTfFED_lVTJJEErE8gjOUhAy6lSLgN6TjA_lNAgp2RgJrJMhZGG1IXnBUxmmzy_-kPFPes358HEg8vombcOGMoFUY8q6&sig=Cg0ArKJSzB84884UIbtuEAE&cid=CAQSSwDICaaNRKeXNVw0V39TEQitsC-7NtXEpYpaiwUKaVIK0dEaLmB_0I6ZpP11Il8nhU1m6rnrXlmxxoicF-yH8hkr6ZkCmnWSzQwwGRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3680969736&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698331598382&rpt=2040&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 14:46:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231024&jk=92945985938622&bg=!6uml6abNAAZRemZlcXo7ADQBe5WfODAjrkO32xX3chxhUdmBdfbiGoixHeWJzxm8E0LRkIFahWdKaDtKYgaGLQcNx6swAgAAAFhSAAAAA2gBBwoAPBcMAF3Nf7evRpBkZgqRahfYkaNmHfdYyaEyE2ykFf69JdofIosmAcQ6WoVcnrgHttCMMPAVMH5AddotA5kCvF0tOozp_aTt3fW8LwNnqFITIXCrPfFCYwhxWKcbDfm6rVAE5Fmervyd0jebuR740aScsvtxOBju928Yf5_CFwiK_SNWLUNBm7N60ABSXkW73OnrsTCvpW7gVfw3IxSZdeibMggJeAy1ExXzlNuEK8IzzblIKvr1HA-PTwXfi8IGOzn8Ez_yWFTvcWIKu0j919ruUwD6CR3--0JRIJ2wxuyISvENIh9AHeWTCZFiYuYeqzuy-qbpEq4JGdOSrGew2NDxElIK5auIX5Cwh9u86T7_S2xyAtgKqdHTZVEmhWJwbgxqr38uLB6RbJwlOP_8rUuGiHDXWpDTpHiwE4Iebh7gc-A3VjHk9kNQYJf9pZIMxZxIfZ-d84pBh60gTsP9ywaUoOIrKO5J-33VN7rY7htpyR764YDFjRMMUCo_0ZZS1_dA9QZZizO4QRq4Pvgse6g4KE0GzAXlkVZi7gsKZjbBGxYJBKhalv2cqQbmiN0RyBdq3nCEXpFCychr9QOYql_r0Ab6ruzZ9keFqJlUz9KrJBeTiaaWX37VI0esFMy1VddDzm_kC1dqAy-Utt8n5HYE9rYhAxmDxC0y5deR2DrBaRdyZ2WOacLEOb549Ts9E8KF7STaCoX6L3cH2dCjg58UbIlNpuWUEcu-5ri1r09j3BdiRntEdzRhfotMJO1-_gNgCMWMF9stDTS-ridJ86rSGiziIgvWbctIBqHWIdgG8P1Idgo27nUJhdzYFpewc_Ku-EB5hX-Q00EtV56AQx7IFdL24-VOiybb0z7ZywIdGwHDVqPZFXI1e6jQg05yL1ZXCsu9WebMnk-at2awuyZHgWaHmcplvYmZRSjqP5YDPdXVcaMXQTB5boREU11xE23brrmWnqduSoYDkN1Tmmn8FMXi9edQYEtxU8otv8Z_suSr7BUWEhEDLMQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peticaopublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture function| $ function| jQuery boolean| fsub function| checkLoginState function| fblogin object| _0xb0ea function| callFBapi function| fbPostUtil function| doSearch function| fbAsyncInit object| adsbygoogle function| gtag object| dataLayer object| FB object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| __buffer object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
.peticaopublica.com/ Name: cf_clearance
Value: fUhpgtdFZ_X3tKKUsrqpbeO0Lok82uh6hszf1czzTug-1698331598-0-1-9c8efebf.404cefe8.90d806f7-0.2.1698331598
.peticaopublica.com/ Name: _ga_C7TBNGVBZJ
Value: GS1.1.1698331598.1.0.1698331598.0.0.0
.peticaopublica.com/ Name: _ga
Value: GA1.2.1381629901.1698331598
.peticaopublica.com/ Name: _gid
Value: GA1.2.1295838011.1698331598
.peticaopublica.com/ Name: _gat_gtag_UA_4269839_28
Value: 1
.peticaopublica.com/ Name: __gads
Value: ID=50ea65d6ca34acb9:T=1698331598:RT=1698331598:S=ALNI_MZtc3s4Dx35cncyaFssL4ZLQDb_aQ
.peticaopublica.com/ Name: __gpi
Value: UID=00000cc464775ea2:T=1698331598:RT=1698331598:S=ALNI_MbDw-PeGT1YofS8LNgAzYOGdl1Hjg
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnYRjtTmmdGFQngXaX2HRQ-KMWfEOZswh9k5GG7DPABEcHKCxtRAquCPLzMH-k
.googleadservices.com/ Name: ar_debug
Value: 1

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1(Line 19)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
ajax.googleapis.com
cat.nl3.eu.criteo.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
peticaopublica.com
region1.google-analytics.com
static.criteo.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
178.250.1.6
2001:4860:4802:32::36
2606:4700:3031::ac43:bf4e
2606:4700:3033::6815:1426
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
06791fb5b0dfc1198551e43af58f5c598b7c7a79a108285d53e734cc3901efff
07bd1ea24fbc2f0607872574fee322a9635fcb444939d100d382173b8a9bb4f0
086cfe73cc11df12e47f10d558660a959adcbaca1ba46c932a1af2b48d5c6d07
0902292cfb4cca347abda4ed02ef6738418370c954bc80e7f43ce4d948fbeaf2
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a1ee72441962e248a5af7e310083e3463bc2a5f515cca7d9ef88d24d73b9af8
0f809520f5e60b5c7d34c1bec3eac38b27f7c5e6c5622bb33f996437853b19cc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185046ed45e3d5a0a5b2a2230f02e7fc2996dbb7c0854ac5b4e70869da9863be
1c3ab03bf78509ac66a68d5ce65a948c70f03a3bef2d815655631c5e9e777960
1cc933a2cffa5971635779412d5ea0fcd6d3d7950271c6784c5e44c0a76c8beb
1ef86f7aa4173914e50b0230a8f6a1b23890f8266f1a2701ed85985b87d318b0
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a00b214c7d48a6c5c85ce377933ba88b893610bbf739e2853a66f16db4f19e6
3cdff6962b6f2100c8004186cc7a05391807f361c0bb1142e27cd87f0f1bc166
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
45b83f73cac7b8cb54c6d1244f731859cb68e95f9aec6ca50a9e231cd6d30c68
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5abca46a95c8e6acbfdca56af0c47590fe284a66b8de14c308199c40c57e9881
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
664609a62cdae9fa081c232bdf25cb136847488c7c84134982c99f3f4edcb99e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7c39e92f64292b166660818b969ea326e7f154e80aa9d0217b81188891604d7e
828aa95bdddba7d69e15b6d0c7b56e31cc6ec70f84d3497f8ff29cd21bfa4ab6
8448835e3df21d9484bebbf99f8dcc9876fb081cb296f40104109cd4f13184b5
8748e9ab61535e63c1fe67c381c01fd5967e0f35f3c1e9c3ddf3f5fb933f063b
8839219bab2d7ad9d107cc27029210b4b7a82ea45ceaecd46e4b7d4ebd2f7825
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb
9f0ffaec03631fe89c3f8891054f8a1342c66c3bc2461362e9cd5962ef8b40c2
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b0544f34dc517eb791e50ec51ea4f991fe553b31332afcc3c9c8c0b0cbbab6b0
b967d52be45de54acbaeb15fa9d4f6524aa3f7381da6b4f056aa34a6ee20935b
bc14236ba1ec738e5560c7f06f36e79a49b1775ba8ece2c41788bc359f0b7025
cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545
cf453d72100bfb884b3fef301389b289060a0fc89f94b01fef0ad2fb7c07246e
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d96ca5e87eaf77e19fd327905435712cb078b430a41219cebc8014f17c58067d
db16faa30420da6feaded1b701cec270e74830d85bbca5187b046faeb4ae80c3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbf4966205b930564c9a24a46b6697b4aca54e9f3caaee16984041a8c05a57f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29
fd7c7dcb3ee2357d5700144a128d0d95a3fb0589cb605eabf4a31355096dfda3