noticias.r7.com Open in urlscan Pro
88.221.168.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnkd.in/d4EBnBb4
Effective URL:
https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=
Submission: On October 27 via manual (October 27th 2022, 3:56:00 pm UTC) from US — Scanned from DE

Summary HTTP 164 Redirects Links 125 Behaviour Indicators

Summary

This website contacted 45 IPs in 8 countries across 36 domains to perform 164 HTTP transactions. The main IP is 88.221.168.50, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is noticias.r7.com. The Cisco Umbrella rank of the primary domain is 379019.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 2nd 2022. Valid for: a year.

This is the only time noticias.r7.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	88.221.168.50 88.221.168.50	16625 (AKAMAI-AS) (AKAMAI-AS)
22	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
6	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700:e6:... 2606:4700:e6::ac40:c620	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2014	15169 (GOOGLE) (GOOGLE)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3035::6815:193e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
3 7	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5 13	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
12	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
1 1	2600:9000:224... 2600:9000:224a:6a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2 3	52.46.143.56 52.46.143.56	() ()
2 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:ca6f:e9b9:9a27:46cf	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.122.74 52.95.122.74	16509 (AMAZON-02) (AMAZON-02)
164	45

2 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lnkd.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.168.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-50.deploy.static.akamaitechnologies.com

noticias.r7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.r7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.r7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c63f9271d165e2f1430fc1e288fcc915.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d-1225005938571827334.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3p.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e6::ac40:c620 (United States)

ASN13335 (CLOUDFLARENET, US)

audio8.audima.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audima.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r7-dp6.rj.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

c3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:193e (United States)

ASN13335 (CLOUDFLARENET, US)

publyads.jstag.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

pkioshima-recordtv.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.62 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.18.2 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:6a00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.252 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (None, ) 2 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:ca6f:e9b9:9a27:46cf (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.122.74 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com c63f9271d165e2f1430fc1e288fcc915.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 ade.googlesyndication.com	183 KB
35	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	553 KB
16	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 363	238 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	305 KB
11	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 492 eus.rubiconproject.com — Cisco Umbrella Rank: 596 pixel.rubiconproject.com — Cisco Umbrella Rank: 347 token.rubiconproject.com — Cisco Umbrella Rank: 682	14 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 763 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786	9 KB
8	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 acdn.adnxs.com — Cisco Umbrella Rank: 618	23 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205	4 KB
6	audima.co audio8.audima.co — Cisco Umbrella Rank: 806784 audima.co — Cisco Umbrella Rank: 121970	23 KB
6	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 156	5 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	4 KB
4	r7.com noticias.r7.com — Cisco Umbrella Rank: 379019 assets.r7.com — Cisco Umbrella Rank: 497897 img.r7.com — Cisco Umbrella Rank: 431510	88 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 777	823 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	140 KB
3	taboola.com c3.taboola.com — Cisco Umbrella Rank: 33671 cdn.taboola.com — Cisco Umbrella Rank: 865 trc.taboola.com — Cisco Umbrella Rank: 697	11 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6045 adservice.google.de — Cisco Umbrella Rank: 8724	1 KB
3	ampproject.net d-1225005938571827334.ampproject.net 3p.ampproject.net — Cisco Umbrella Rank: 5982	18 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 680	58 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 627	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 ajax.googleapis.com — Cisco Umbrella Rank: 306	7 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	85 KB
2	gstatic.com fonts.gstatic.com	88 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	596 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	265 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 375	651 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 717	442 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 40043	611 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 602	191 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 729	463 B
1	github.io pkioshima-recordtv.github.io — Cisco Umbrella Rank: 546079
1	jstag.space publyads.jstag.space — Cisco Umbrella Rank: 435465	70 KB
1	appspot.com r7-dp6.rj.r.appspot.com	187 B
1	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 32	498 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1269	130 KB
1	lnkd.in 1 redirects lnkd.in — Cisco Umbrella Rank: 49093	318 B
164	36

	Domain	Requested by
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
17	securepubads.g.doubleclick.net	cdn.ampproject.org audio8.audima.co 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
16	cdn.ampproject.org	noticias.r7.com cdn.ampproject.org
13	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
12	s0.2mdn.net	noticias.r7.com s0.2mdn.net
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com s0.2mdn.net
7	ib.adnxs.com	3 redirects publyads.jstag.space googleads.g.doubleclick.net acdn.adnxs.com
6	sb.scorecardresearch.com	noticias.r7.com 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	audio8.audima.co	cdn.ampproject.org audio8.audima.co
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects
4	gum.criteo.com	2 redirects static.criteo.net
4	www.google.com	1 redirects tpc.googlesyndication.com 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	mug.criteo.com
3	onetag-sys.com	2 redirects 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
3	www.googletagservices.com	1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
3	1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com	cdn.ampproject.org
3	adservice.google.com	cdn.ampproject.org securepubads.g.doubleclick.net
2	eus.rubiconproject.com	publyads.jstag.space eus.rubiconproject.com
2	static.criteo.net	publyads.jstag.space static.criteo.net
2	googleads4.g.doubleclick.net	noticias.r7.com
2	c1.adform.net	2 redirects
2	googleads.g.doubleclick.net	6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com noticias.r7.com
2	6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	audio8.audima.co cdnjs.cloudflare.com
2	3p.ampproject.net	cdn.ampproject.org
2	img.r7.com	noticias.r7.com
2	fonts.gstatic.com	noticias.r7.com fonts.googleapis.com
1	ade.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org
1	px.ads.linkedin.com
1	acdn.adnxs.com	publyads.jstag.space
1	ajax.googleapis.com	s0.2mdn.net
1	s.ad.smaato.net	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	pixel-sync.sitescout.com	6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
1	cms.quantserve.com	6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
1	c63f9271d165e2f1430fc1e288fcc915.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bidder.criteo.com	publyads.jstag.space
1	fastlane.rubiconproject.com	publyads.jstag.space
1	trc.taboola.com	cdn.taboola.com
1	cdn.taboola.com	c3.taboola.com
1	pkioshima-recordtv.github.io	1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
1	publyads.jstag.space	audio8.audima.co
1	audima.co	audio8.audima.co
1	c3.taboola.com	cdn.ampproject.org
1	r7-dp6.rj.r.appspot.com	cdn.ampproject.org
1	www.google.de
1	stats.g.doubleclick.net	1 redirects
1	www.google-analytics.com	1 redirects
1	fonts.googleapis.com	audio8.audima.co
1	a.teads.tv	cdn.ampproject.org
1	d-1225005938571827334.ampproject.net	cdn.ampproject.org
1	assets.r7.com	noticias.r7.com
1	noticias.r7.com
1	lnkd.in	1 redirects
164	61

This site contains links to these domains. Also see Links.

Domain
www.r7.com
recordtv.r7.com
www.youtube.com
www.playplus.com
afazenda.r7.com
esportes.r7.com
monitor7.r7.com
sociedadeonline.com
www.recordtvamericas.com
recordtvjapan.com
brasilcaminhoneiro.com.br
aclr.r7.com
prisma.r7.com
entretenimento.r7.com
lifestyle.r7.com
rpet.r7.com
www.estrelando.com.br
www.vagalume.com.br
renda-extra.r7.com
entrevista.r7.com
estudio.r7.com
podcasts.r7.com
receitas.r7.com
trilhassonoras.r7.com
videos.r7.com
virtz.r7.com
www.mundorecord.com.br
recordtv.gupy.io
comercial.recordtv.com.br
www.bancodigimais.com.br
www.erecord.com.br
www.redefamilia.com.br
www.ressoar.org.br
recordtvamericas.com
www.universal.org
www.univervideo.com
redealeluia.com.br
news.google.com
m.facebook.com
twitter.com
www.linkedin.com
busca.r7.com

Subject Issuer	Validity	Valid
*.r7.com DigiCert SHA2 Secure Server CA	`2022-01-02` - `2023-01-03`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-13` - `2023-07-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=
Frame ID: 303B2BEFB6647254D3856EAC919C4C19
Requests: 38 HTTP requests in this frame

Frame: https://audio8.audima.co/amp-iframe.html
Frame ID: EEBA0006B052A14DD6006F75DA11BFBB
Requests: 8 HTTP requests in this frame

Frame: https://audio8.audima.co/iframe-banner-r7.html
Frame ID: 3E9F959F7E3938D4AAB9961CBC19A1A4
Requests: 2 HTTP requests in this frame

Frame: https://c3.taboola.com/amp/amp-analytics-taboola.html?url=http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&aid=r7-r7com&cnsntstr=&cnsntst=-1
Frame ID: 33A5B3A5E23604815A8A56B790485639
Requests: 3 HTTP requests in this frame

Frame: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0
Frame ID: F53D992DD0A171E3B8ED07D7AB0A7FFF
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B660AD647E3319799BF218B09217EA45
Requests: 15 HTTP requests in this frame

Frame: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0
Frame ID: F5FAE423C9231D58AA1D4D9053C254B8
Requests: 16 HTTP requests in this frame

Frame: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 0E6D5CE9F5545484F97C0550F6114F27
Requests: 1 HTTP requests in this frame

Frame: https://c63f9271d165e2f1430fc1e288fcc915.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 78BDD744B4780643B0830AF11ED43DDD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B3C2A99BE9BD6E8D0DD39913F6CE8D0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FEA39E898BAE4B3B28A935A82B346253
Requests: 2 HTTP requests in this frame

Frame: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: F0D8DAA2AF77E9E76063317F4EF086CD
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYouf4xgEwAQ&v=APEucNVZ9t56iAY_aSM2JKRI_PvJE3hAQI4wvVGb4m6GXZsPkgS2hf0dbpkKI4bVogtvW2B9gk1Ui-biAUeAeOG2JEg_jCE23vPj4AriwYgz3OicS8jW9MzhXramskNSbfKdr-TtqnWzCeJ2pwVvybyrCRmAEm0cKkRnCeV5PpFNVNwqU3-OZL8
Frame ID: 3AF3107D7B6E0C6C1821A360BBC374B8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 38D31A2A34C4936E86AD4166D3100A0B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2C2E5882B30A42462DF78122C9FF6612
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247
Frame ID: 9E58587339CF17169E9B0BD1724183AA
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B59D69B07EAA5D5AC01465AF5B3D5834
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B71A98B4BAC330EC237B1D8B3FC35BB1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 8767037004F44341946CB26E60173EEC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=noticias.r7.com
Frame ID: 1BE8A54AFF4DEBDC435CFE70A7960CD9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8179F0A5CF1BF02BEFD3EA753BDA9A4B
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5A6BF2C10FACA2D1CAE31F30E5B3FC64
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bolsonaro tem 51,2% dos votos válidos, diz pesquisa - Notícias - R7 Eleições 2022

Page URL History Show full URLs

https://lnkd.in/d4EBnBb4 HTTP 301
https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp= Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Lightbox (JavaScript Libraries) Expand

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

164
Requests

88 %
HTTPS

59 %
IPv6

36
Domains

61
Subdomains

45
IPs

8
Countries

2049 kB
Transfer

5531 kB
Size

25
Cookies

125 Outgoing links

These are links going to different origins than the main page.

URL: https://www.r7.com/
Title: R7.com

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/reis
Title: Home

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/reis/entrevistas
Title: Entrevistas

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/reis/fotos
Title: Fotos

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/reis/novidades
Title: Novidades

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/reis/quizzes
Title: Quizzes

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/reis/videos
Title: Vídeos

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/ForadeS%C3%A9riepodcast/featured
Title: Podcast Fora de Série

Search URL Search Domain Scan URL

URL: https://www.playplus.com/detalhes/276310
Title: Assista na Íntegra

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14
Title: Home

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/novidades/fotos/conheca-os-peoes-de-a-fazenda-14-13092022#/foto/1
Title: Peões

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/novidades
Title: Novidades

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/fotos
Title: Fotos

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/na-tv
Title: Passou na TV

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/24-horas
Title: 24 Horas

Search URL Search Domain Scan URL

URL: https://www.playplus.com/detalhes/281163
Title: Assista Na Íntegra

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/votacao
Title: Votação

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/conteudo-exclusivo/celeiro-da-justica
Title: Celeiro da Justiça

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/conteudo-exclusivo/galistour
Title: GalisTour

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/conteudo-exclusivo/live-do-eliminado
Title: Live do Eliminado

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/conteudo-exclusivo/podcast-a-fazenda
Title: Podcast

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/conteudo-exclusivo/questionario-ao-peao
Title: Questionário ao Peão

Search URL Search Domain Scan URL

URL: https://afazenda.r7.com/a-fazenda-14/momento-aurora
Title: Momento Aurora

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/automobilismo
Title: Automobilismo

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/futebol/campeonato-carioca
Title: Cariocão 2022

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/futebol/copa-do-mundo
Title: Copa do Mundo

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/e-sports
Title: e-Sports

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/fora-de-jogo
Title: Fora de Jogo

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/futebol
Title: Futebol

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/lance
Title: Lance

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/mais-esportes
Title: Mais Esportes

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/olimpiadas
Title: Olimpíadas

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/futebol/campeonato-paulista
Title: Paulistão 2022

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/domingo-espetacular/cobertura-especial-crise-e-pobreza-na-venezuela
Title: Crise e Pobreza na Venezuela

Search URL Search Domain Scan URL

URL: https://monitor7.r7.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/
Title: HOME RECORD TV

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/programacao
Title: Programação

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/recordtv-emissoras
Title: Emissoras

Search URL Search Domain Scan URL

URL: https://sociedadeonline.com/
Title: Rádio Sociedade

Search URL Search Domain Scan URL

URL: https://www.recordtvamericas.com/
Title: Record TV Américas

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/record-europa
Title: Record TV Europa

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/recordtv-interior-sp
Title: Record TV Interior SP

Search URL Search Domain Scan URL

URL: https://recordtvjapan.com/
Title: Record TV Japão

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/record-tv-litoral-e-vale
Title: Record TV Litoral e Vale

Search URL Search Domain Scan URL

URL: http://recordtv.r7.com/tv-digital/
Title: TV Digital

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/videos
Title: Vídeos

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/balanco-geral
Title: Balanço Geral

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/balanco-geral-manha
Title: Balanço Geral Manhã

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/camera-record
Title: Câmera Record

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/cidade-alerta
Title: Cidade Alerta

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/domingo-espetacular
Title: Domingo Espetacular

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/fala-brasil
Title: Fala Brasil

Search URL Search Domain Scan URL

URL: http://brasilcaminhoneiro.com.br/
Title: Brasil Caminhoneiro

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/hoje-em-dia
Title: Hoje em Dia

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/hora-do-faro
Title: Hora do Faro

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/love-school-escola-amor
Title: The Love School - Escola do Amor

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/amor-sem-igual
Title: Amor Sem Igual

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/chamas-da-vida
Title: Chamas da Vida

Search URL Search Domain Scan URL

URL: https://recordtv.r7.com/os-dez-mandamentos
Title: Os Dez Mandamentos

Search URL Search Domain Scan URL

URL: https://aclr.r7.com/
Title: ACLR

Search URL Search Domain Scan URL

URL: https://prisma.r7.com/todos-os-blogs
Title: Home

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/prisma/flavio-ricco
Title: Flavio Ricco

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/prisma/keila-jimenez
Title: Keila Jimenez

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/prisma/ligia-braslauskas-literatura
Title: Literatura

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/prisma/melhor-nao-ler
Title: Melhor não ler

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/prisma/toque-toque
Title: Toque Toque

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/prisma/odair-braz-jr
Title: Odair Braz Jr

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/prisma/cosme-rimoli
Title: Cosme Rimoli

Search URL Search Domain Scan URL

URL: https://esportes.r7.com/prisma/r7-so-esportes
Title: R7 só esportes

Search URL Search Domain Scan URL

URL: https://lifestyle.r7.com/prisma/como-ser-saudavel
Title: Como ser saudável

Search URL Search Domain Scan URL

URL: https://lifestyle.r7.com/prisma/e-de-comer
Title: É de comer

Search URL Search Domain Scan URL

URL: https://rpet.r7.com/prisma/entre-pets-e-beijos
Title: Entre Pets e Beijos

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/cinema-e-series
Title: Cinema e Séries

Search URL Search Domain Scan URL

URL: https://www.estrelando.com.br/
Title: Estrelando

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/famosos-e-tv
Title: Famosos e TV

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/games
Title: Games

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/musica
Title: Música

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/o-programa-de-todos-os-programas
Title: O Programa de Todos os Programas

Search URL Search Domain Scan URL

URL: https://www.vagalume.com.br/
Title: Vagalume

Search URL Search Domain Scan URL

URL: https://entretenimento.r7.com/viagens
Title: Viagens

Search URL Search Domain Scan URL

URL: https://lifestyle.r7.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://lifestyle.r7.com/beleza
Title: Beleza

Search URL Search Domain Scan URL

URL: https://lifestyle.r7.com/bem-estar
Title: Bem-Estar

Search URL Search Domain Scan URL

URL: https://lifestyle.r7.com/casa-e-decoracao
Title: Casa e Decoração

Search URL Search Domain Scan URL

URL: https://lifestyle.r7.com/dietas
Title: Dietas

Search URL Search Domain Scan URL

URL: https://lifestyle.r7.com/filhos
Title: Filhos

Search URL Search Domain Scan URL

URL: https://lifestyle.r7.com/moda
Title: Moda

Search URL Search Domain Scan URL

URL: https://www.playplus.com/
Title: PLAYPLUS

Search URL Search Domain Scan URL

URL: https://renda-extra.r7.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://renda-extra.r7.com/minha-historia
Title: Minha História

Search URL Search Domain Scan URL

URL: https://renda-extra.r7.com/seu-bolso
Title: Seu Bolso

Search URL Search Domain Scan URL

URL: https://renda-extra.r7.com/profissionalize-se
Title: Profissionalize-se

Search URL Search Domain Scan URL

URL: https://www.r7.com/apps
Title: R7 APPs

Search URL Search Domain Scan URL

URL: https://www.r7.com/cupons
Title: R7 CUPONS

Search URL Search Domain Scan URL

URL: https://entrevista.r7.com/
Title: R7 ENTREVISTA

Search URL Search Domain Scan URL

URL: https://estudio.r7.com/
Title: R7 ESTÚDIO

Search URL Search Domain Scan URL

URL: https://rpet.r7.com/
Title: RPET

Search URL Search Domain Scan URL

URL: https://podcasts.r7.com/
Title: R7 PODCASTS

Search URL Search Domain Scan URL

URL: https://receitas.r7.com/
Title: R7 RECEITAS

Search URL Search Domain Scan URL

URL: https://trilhassonoras.r7.com/
Title: R7 TRILHAS SONORAS

Search URL Search Domain Scan URL

URL: https://videos.r7.com/
Title: R7 VÍDEOS

Search URL Search Domain Scan URL

URL: https://virtz.r7.com/
Title: VIRTZ

Search URL Search Domain Scan URL

URL: https://www.mundorecord.com.br/
Title: MUNDO RECORD

Search URL Search Domain Scan URL

URL: https://recordtv.gupy.io/
Title: CARREIRA

Search URL Search Domain Scan URL

URL: http://recordtv.r7.com/cite/
Title: CITE (FALE CONOSCO)

Search URL Search Domain Scan URL

URL: http://comercial.recordtv.com.br/
Title: COMERCIAL

Search URL Search Domain Scan URL

URL: https://www.bancodigimais.com.br/
Title: BANCO DIGI+

Search URL Search Domain Scan URL

URL: https://www.erecord.com.br/
Title: RECORD ENTRETENIMENTO

Search URL Search Domain Scan URL

URL: https://www.redefamilia.com.br/
Title: REDE FAMÍLIA

Search URL Search Domain Scan URL

URL: https://www.ressoar.org.br/
Title: INSTITUTO RESSOAR

Search URL Search Domain Scan URL

URL: https://recordtvamericas.com/
Title: AMÉRICAS

Search URL Search Domain Scan URL

URL: https://www.universal.org/
Title: UNIVERSAL.ORG

Search URL Search Domain Scan URL

URL: https://www.univervideo.com/
Title: UNIVER

Search URL Search Domain Scan URL

URL: https://redealeluia.com.br/
Title: REDE ALELUIA

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKqrkQswvPqlAw?ceid=BR:pt-419&oc=3&hl=pt-BR&gl=BR

Search URL Search Domain Scan URL

URL: http://m.facebook.com/sharer.php?u=http://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&t=

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=&url=http://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&via=portalr7

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=http://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022

Search URL Search Domain Scan URL

URL: https://busca.r7.com/?q=pesquisa
Title: pesquisa

Search URL Search Domain Scan URL

URL: https://busca.r7.com/?q=elei%C3%A7%C3%B5es
Title: eleições

Search URL Search Domain Scan URL

URL: https://busca.r7.com/?q=lula
Title: lula

Search URL Search Domain Scan URL

URL: https://busca.r7.com/?q=bolsonaro
Title: bolsonaro

Search URL Search Domain Scan URL

URL: https://busca.r7.com/?q=brasil
Title: brasil

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnkd.in/d4EBnBb4 HTTP 301
https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Bolsonaro%20tem%C2%A051%2C2%25%20dos%20votos%20v%C3%A1lidos%2C%20diz%20pesquisa%C2%A0%20-%20Not%C3%ADcias%20-%20R7%20Elei%C3%A7%C3%B5es%202022&sr=1600x1200&_utmht=1666886155041&cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&tid=UA-10631407-5&dl=https%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%3Famp%3D&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.7053608666971132&_r=1&a=3065&z=0.1927607250572656&dp=%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%3Famp%3D&cd1=http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&cd2=&cd3=Bolsonaro%20tem%C2%A051%2C2%25%20dos%20votos%20v%C3%A1lidos%2C%20diz%20pesquisa%C2%A0%20-%20Not%C3%ADcias%20-%20R7%20Elei%C3%A7%C3%B5es%202022&cd7=artigo&cd8=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&cd14=noticias&cd15=eleicoes-2022&cd16=R7&cd21=16%2F10%2F2022&cd22=16%3A21&cd20=11&cd27=amp HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10631407-5&cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&jid=0.7053608666971132&_v=a1&z=0.1927607250572656 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10631407-5&cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&jid=0.7053608666971132&_v=a1&z=0.1927607250572656 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10631407-5&cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&jid=0.7053608666971132&_v=a1&z=0.1927607250572656&slf_rd=1&random=1003222444

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoAmY_AM8IzRF82RzFV1FU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoAmY_AM8IzRF82RzFV1FU&google_cver=1&C=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1qqDDaq-7Ldp2rRA5qWIAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoAmY_AM8IzRF82RzFV1FU&google_cver=1

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDAL1zOSdXhQWKvBUwaTIjw&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDAL1zOSdXhQWKvBUwaTIjw%26google_cver%3D1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc2NjcxMTkyMjk3MjgxNjU4OA%3D%3D

Request Chain 109

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELDRLl9AqI0p_Z9cTBLBXr0&google_cver=1&google_push=AZmPxg8X2INPceh4VDfE_Hp5c4Ae59ZPDUSUWRS7lrKS7mfsIgslAUSeZqzyCLzx7jcBwiNn51DiaPYIIxZG-OH5qPiFRwxFitMY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8X2INPceh4VDfE_Hp5c4Ae59ZPDUSUWRS7lrKS7mfsIgslAUSeZqzyCLzx7jcBwiNn51DiaPYIIxZG-OH5qPiFRwxFitMY&google_hm=Wj7CJSdvQDqZ5AeNUMcRb0U

Request Chain 110

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKlDp_k8zuDF6C-QJT6EJUE&google_cver=1&google_push=AZmPxg-f7AndXy0DhcUqQj2ZeRTj1EtG8j6rtLsp0-b9w26aQYz8xi1TN1NxNa41GNQU87Ab-mOPR4vOpXcduRQgxFiVfkgZaxm4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKlDp_k8zuDF6C-QJT6EJUE&google_cver=1&google_push=AZmPxg-f7AndXy0DhcUqQj2ZeRTj1EtG8j6rtLsp0-b9w26aQYz8xi1TN1NxNa41GNQU87Ab-mOPR4vOpXcduRQgxFiVfkgZaxm4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc4Mjk3OTQzNDA3OTQ1MjY0Nw&google_push=AZmPxg-f7AndXy0DhcUqQj2ZeRTj1EtG8j6rtLsp0-b9w26aQYz8xi1TN1NxNa41GNQU87Ab-mOPR4vOpXcduRQgxFiVfkgZaxm4

Request Chain 111

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENxAG0wp3kan1p53bdaP198&google_cver=1&google_push=AZmPxg_HJG66vP2Q7-rmjnaWLBUHr0pXL-kPFxwxCkcvof-Eij7icK6ST9j-gpqz8D5r69ekN4vOPR_iX1-0SHJchHRV140__Yy_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_HJG66vP2Q7-rmjnaWLBUHr0pXL-kPFxwxCkcvof-Eij7icK6ST9j-gpqz8D5r69ekN4vOPR_iX1-0SHJchHRV140__Yy_

Request Chain 112

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFDVzG7T7FD2ELjn7gp0gLo&google_cver=1&google_push=AZmPxg-6vNGGL_gm5Ltwg_nevQGRaAJjwN3s8fMa5-Lzs6n5fojE2aMgGcvW_-KoChUyOgR2KX16DQEKAxEdTH2tFTAScGQYLjEd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-6vNGGL_gm5Ltwg_nevQGRaAJjwN3s8fMa5-Lzs6n5fojE2aMgGcvW_-KoChUyOgR2KX16DQEKAxEdTH2tFTAScGQYLjEd

Request Chain 113

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFDVzG7T7FD2ELjn7gp0gLo&google_cver=1&google_push=AZmPxg_e9miIUyEKUt_ek7RmNsJECrT60la-IbhYAGbIEFF0PSFk3drWKgQBRMTNGetmo-WufXIz76mCuDp1i1Ou1yvIfWMF651bKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_e9miIUyEKUt_ek7RmNsJECrT60la-IbhYAGbIEFF0PSFk3drWKgQBRMTNGetmo-WufXIz76mCuDp1i1Ou1yvIfWMF651bKQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 149

https://gum.criteo.com/sid/json?origin=publishertag&domain=audio8.audima.co&sn=ChromeSyncframe&so=0&topUrl=noticias.r7.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=DQ4oa3xibjJzZ0llSVZJeENZSEE2YlJNczFFNDUwa0d1cC8ySXNnQVNaZ1VTZ3VwSzRhVjdySEVSa1pGTUdybER2aFdUV1M3MVY1ZUtMRUpuQ0p1Umhib2lVOEdxSjBORytHQUM4M1N5Z0VwaEZ2dEVuLzBkalhmMVpGUFBPdGdaTytFOVBTRktCeGs5bTJJVTlLenNQdk13T3hlRDY4cSt2Mm9wdXpQYUhVSTNJYmpKNTR1WktzZytrVE5xUEVyY1RpSitWWE1rcTBNdFpOOVFtcDltcm4xL1lQVVYyeTYyeTBIaHREcXUwQ1hka1dwNUd4NmtZa3RjZjhOV3krSEs2U2k2YkZIM2VZZ2hvTzBIbFRHRGxxaURidE1xYVBrc3BSaXZlR1JlVHRRQ05sVT18&cppv=2

Request Chain 150

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnoticias.r7.com%2F&domain=audio8.audima.co&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=eRa99nw3VkpMMk1PLzdKTTZiRC9NUGx4cWdSMUJ2NDcrSFpybjkzS1NZL2xTVVpZM1Qya2hFNmgzNmIvSk9LaVR5b2s4cWFUUXlLam1SZGtMMWo5RVFadkh6VG5MSWl5dENnNlRNSVF3Q21FUThaWGRqb200b1NLRmFNTzVTWTQ1OHdoY2NlQzhITmwyV0dtWmVmZHJ5dittdVdPajBPaEY4Y0ExNjNPMXlXbmFmY2VvTE1VSERRYXg3WG1WS25GZjk4TElPOTNid2M3dUhVZnBpQ3RJeGVaZ2ZsM2xEMkQvRDJQRDYySyttY3RDWDJGQXJVVTBhcERTS1dzK0k4TVdxenBzMk1QUjZkTm9hbldkKzV0VTdlc2N5QXpLaXdLTk1GMWd3Y1ZOT2YzUHMrND18&cppv=2

Request Chain 156

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dpgy4JIBR1WXaiR_aWgDzA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dpgy4JIBR1WXaiR_aWgDzA

Request Chain 157

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9R8Z973-22-A648

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDJGWeLkV2iId7iaTfuv4Jg&google_cver=1

Request Chain 160

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/l6ohZwlPI4u8B8rdrFQMDMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8129461901590456320

Request Chain 161

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=l7RXhpG-Tn-_EvMkTrzU8g&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=l7RXhpG-Tn-_EvMkTrzU8g

Request Chain 162

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjIwMDViZTViZWQ4M2U4ZjM0NzcwYmQ3OWExOGFiOTBkNGIwOWU3YQ

Request Chain 163

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSOFo5NzMtMjItQTY0OA==

164 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022 Show response
noticias.r7.com/eleicoes-2022/
Redirect Chain

https://lnkd.in/d4EBnBb4
https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

141 KB
26 KB

3810ms
3702ms

Document
text/html

88.221.168.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 88.221.168.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-50.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7e5cb8f6d99d577dcd70dc2f1fee6fa847a16b5f36c5d20cb9dd55e2de2e75b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: !no-store, must-revalidate, max-age=60
content-encoding: gzip
content-length: 26191
content-type: text/html; charset=utf-8
date: Thu, 27 Oct 2022 15:55:54 GMT
etag: "acd12616430dba01fb8f1db40b3cbabc"
vary: Accept-Encoding
x-ua-compatible: IE=Edge,chrome=1

Redirect headers

content-length: 0
date: Thu, 27 Oct 2022 15:55:49 GMT
location: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=
server: Apache-Coyote/1.1
vary: Accept-Encoding
x-cache: TCP_MISS
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
x-li-uuid: AAXsBizdrsLG4aPs2cWwHg==
x-msedge-ref: Ref A: 94C03995E23E42DAAB8106CD581D6D8E Ref B: FRAEDGE1214 Ref C: 2022-10-27T15:55:49Z

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 276 KB
71 KB 117ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad2d94bc9242f8bc340a18b57e4515ba7726222cccff509b140254060744915e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72656
x-xss-protection: 0
server: sffe
etag: "bbbc87a61b096581"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 81 KB
23 KB 170ms
99ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9b53e109c7232f3045fe2df204525df9a166743f8fc0b9285bca0c227168413

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23048
x-xss-protection: 0
server: sffe
etag: "bccc869aadbc1eb4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 109 KB
31 KB 77ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2164a3211cc8cb0f494c8925129fdc89f1acdc7fd35419de169c3415801c499

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31972
x-xss-protection: 0
server: sffe
etag: "750ba38df7e54722"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 185ms
135ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd247b5b6412f4a83d6be7f1addf05635b26635e6a6ffb3db69b95fe940c4917

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10256
x-xss-protection: 0
server: sffe
etag: "23f464919529ac52"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 92ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4309265903052524638da5af6d5447080aa47a72e9591a63f02c407f2b6c0be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: sffe
etag: "0306c954ffbc2f1e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H2 200 amp-accordion-0.1.js Show response
cdn.ampproject.org/v0/ 17 KB
7 KB 74ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.js

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

928a02d4975285b6175eeb4aaa3dc4a141bb0dea4886de5a5ae5d6b286f0cc43

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5871
x-xss-protection: 0
server: sffe
etag: "cc3dd8035c25f017"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d15e9f643566a563cb466e4e01f2ac349c5c1619d7cd26ed70f45e6b5cfdab0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8939
x-xss-protection: 0
server: sffe
etag: "028901d5cdac014e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H2 200 amp-fx-flying-carpet-0.1.js Show response
cdn.ampproject.org/v0/ 7 KB
3 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-fx-flying-carpet-0.1.js

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400a40463fe43a3a619a314e6fe85d9033af590c7011adf41887530e9680f519

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2536
x-xss-protection: 0
server: sffe
etag: "11aea0aa504f9fe3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H2 200 amp-mega-menu-0.1.js Show response
cdn.ampproject.org/v0/ 11 KB
4 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mega-menu-0.1.js

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e99d38d859962273792f13f1506761d92eb652775ca256af34ff6a64eacd3bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3595
x-xss-protection: 0
server: sffe
etag: "21fcdf43518f8413"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.r7.com/
Origin: https://noticias.r7.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 23:32:45 GMT
x-content-type-options: nosniff
age: 231789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 23:32:45 GMT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 066103c0c05ccda0cbd344d96ccdfd3dc24b9ae570ed257618eae925f663504f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 logo-r7-mobile-f6bb71007ae5ee824b02b59613a1dab4.svg
assets.r7.com/assets/vertical/ 806 B
701 B 57ms
18ms Image
image/svg+xml 88.221.168.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.r7.com/assets/vertical/logo-r7-mobile-f6bb71007ae5ee824b02b59613a1dab4.svg
Requested by: Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 88.221.168.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-50.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 282d748e297291ae1c2d1d3109a02ce829f917e34f29dedbd9d74ecc3333445c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 15:40:28 GMT
etag: "61e9826c-326"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: !no-store, must-revalidate, max-age=31536000
accept-ranges: bytes
content-length: 495
expires: Wed, 23 Feb 2022 06:44:23 GMT

GET
H2 200 eleicoes-2022-03082022110324425
img.r7.com/images/ 7 KB
8 KB 60ms
18ms Image
image/jpeg 88.221.168.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.r7.com/images/eleicoes-2022-03082022110324425?dimensions=300x50&no_crop=true

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

88.221.168.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-50.deploy.static.akamaitechnologies.com

Software

Resource Hash

11f4e1c70ee07415781060cf1340d79ca49e73218eb6809d3f6f86693f761378

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
x-content-type-options: nosniff
x-content-digest: bcb58215cce91a565df6cb19cdad322373ea0f1b
x-original-content-length: 20958
etag: "PSA-aj-fStuOxIF5X"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: !no-store, must-revalidate, max-age=31536000
content-disposition: filename="eleicoes-2022-03082022110324425.jpeg"
accept-ranges: bytes
content-length: 7403
expires: Wed, 24 Aug 2022 14:03:58 GMT

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e70d28028676f2056c2f5932997ab44e60b1dd9c63e09f043ad56230f380cca0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lula-pt-e-jair-bolsonaro-pl-que-disputam-o-2-turno-da-eleicao-presidencial-06102022154343057
img.r7.com/images/ 54 KB
54 KB 62ms
20ms Image
image/jpeg 88.221.168.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.r7.com/images/lula-pt-e-jair-bolsonaro-pl-que-disputam-o-2-turno-da-eleicao-presidencial-06102022154343057?dimensions=771x420&

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

88.221.168.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-50.deploy.static.akamaitechnologies.com

Software

Resource Hash

4ce4c133af7a3640330955596956b91da16c0395c22ab5a2afb79d8cb2d31557

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
x-content-type-options: nosniff
x-content-digest: f7a0ac5f11d7aadce8844a8be17b6af95b5a8b28
x-original-content-length: 56791
etag: "PSA-aj-E2BJGKEltV"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: !no-store, must-revalidate, max-age=31536000
content-disposition: filename="lula-pt-e-jair-bolsonaro-pl-que-disputam-o-2-turno-da-eleicao-presidencial-06102022154343057.jpeg"
accept-ranges: bytes
content-length: 55053
expires: Fri, 28 Oct 2022 09:25:05 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012210172057000/v0/ 8 KB
3 KB 49ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210172057000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eca37871db74e9bfe2f151b95a17fe2d97f240c7db8300c9e2ad200772d383cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.r7.com/
Origin: https://noticias.r7.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:01:28 GMT
age: 60866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2993
x-xss-protection: 0
server: sffe
etag: "41b57bdb55ba6b86"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 23:01:28 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
264 B 56ms
16ms Image
image/gif 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=14194541&cv=2.0&cj=1
Requested by: Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 43
x-amz-cf-id: 0tS4CGZ6Bh2b0X_ahUHQNuOS1nQufl3xNtkF-JGIToDNZFpEXby23A==
x-cache: Miss from cloudfront
content-type: image/gif

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012210172057000/v0/ 12 KB
4 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210172057000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1015b52f3adc6a317d7cb0d123b45eb32ef3cc33289e122d7b31fd04dcaa1398

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.r7.com/
Origin: https://noticias.r7.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:01:28 GMT
age: 60866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3838
x-xss-protection: 0
server: sffe
etag: "b3bcb79edd33208c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 23:01:28 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012210172057000/v0/ 239 KB
63 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210172057000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c4cfb70c60a7a209643da25dfeb58918ba537b3c830d4b942e29ce78c9199bd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.r7.com/
Origin: https://noticias.r7.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:01:28 GMT
age: 60866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64356
x-xss-protection: 0
server: sffe
etag: "00ea9c4fcf3f35ad"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 23:01:28 GMT

GET
H2 200 frame.html
d-1225005938571827334.ampproject.net/2210172057000/ 0
0 96ms
23ms Other
text/html 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-1225005938571827334.ampproject.net/2210172057000/frame.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 teads.js
3p.ampproject.net/2210172057000/vendor/ 27 KB
9 KB 139ms
16ms Other
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2210172057000/vendor/teads.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ca8f3308359cce49ec0669121162fa66b54a51e518b88996324314e1e656735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:04:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8938
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 08:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 23:04:43 GMT

GET
H2 200 teads-format.min.js
a.teads.tv/media/format/v3/ 594 KB
130 KB 127ms
30ms Other
text/javascript 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 574e606dd328ee0151b17115729313e90da8ef190d298d1ec736c6c4b731b99c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
content-encoding: br
last-modified: Thu, 27 Oct 2022 12:38:23 GMT
x-amz-request-id: 40ZMVTQ60K7Q473C
etag: "c75121a8b67a315a397ba8331ff16a20"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: d
accept-ranges: bytes
content-length: 132722
x-amz-id-2: 5xzJQKuYiPUy2HBOt31kIB/hrrpROz8uNJ8Pq9+0zoJQLKeh/C3XAir4rDbMAv9XOeJRmUN3h9Y=
expires: Thu, 27 Oct 2022 16:25:54 GMT

GET
H2 200 taboola.js
3p.ampproject.net/2210172057000/vendor/ 27 KB
9 KB 141ms
18ms Other
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2210172057000/vendor/taboola.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc64bd757699fdaa5f3bfe214ee5a29575f3f39a13653c1876e2d295a2cc215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 05:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8887
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 08:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 05:46:36 GMT

GET
H2 200 amp-iframe.html Show response
audio8.audima.co/ Frame EEBA 4 KB
2 KB 202ms
144ms Document
text/html 2606:4700:e6::ac40:c620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio8.audima.co/amp-iframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a17729c9105d967bed5d5d756cd73d2fe7ce84c9444e560e76e4190d0e8b6ca8

Request headers

Referer: https://noticias.r7.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400 public
cf-cache-status: DYNAMIC
cf-ray: 760c9e616db72163-DUS
content-encoding: br
content-type: text/html
date: Thu, 27 Oct 2022 15:55:54 GMT
expires: Thu, 27 Oct 2022 19:55:54 GMT
last-modified: Wed, 26 Oct 2022 12:26:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqQVNiQN8IQ5%2B8FwxAoXS0wyjBm%2FCPYAIOQWrwQfuncyFPKO%2Fc2EYWz%2BYcD%2BJ0sIx8Qc5kFoPzkfK%2FOyQP0vL6eHLR1Xe5NK8IYfTnvJociNrJdwk3SnuuiOfz32lNg0Snac%2BbRlvJbCXpaQjGva"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 iframe-banner-r7.html Show response
audio8.audima.co/ Frame 3E9F 2 KB
861 B 206ms
149ms Document
text/html 2606:4700:e6::ac40:c620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio8.audima.co/iframe-banner-r7.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de0217c34c0122c41df6069c40727a6b3c518a6c713bf33c0a560c1c6bdc21db

Request headers

Referer: https://noticias.r7.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400 public
cf-cache-status: DYNAMIC
cf-ray: 760c9e616dbd2163-DUS
content-encoding: br
content-type: text/html
date: Thu, 27 Oct 2022 15:55:54 GMT
expires: Thu, 27 Oct 2022 19:55:54 GMT
last-modified: Wed, 26 Oct 2022 12:26:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pX2MGf%2FY4PuU9eAGFMEY3ZKeO00DDY1WnbzIKtW1nPRHJgZlBQgtUgs7NHLtkm7qZwxGLyohNDXeMRk3PagqZCjv8mKaIiBUDxZfVHAnur2Qb%2FLnhGqOznoGFvyUjyjVdaq04eILRhXP8whyHr8X"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
574 B 65ms
26ms Fetch
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=noticias.r7.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://noticias.r7.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://noticias.r7.com
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 1032ms
980ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F7542%2Fr7noticias%2Feleicoes-2022&adk=2776864775&sz=320x50&output=html&impl=ifr&ifi=1&msz=320x-1&psz=320x-1&fws=4&scp=keywords%3Dpesquisa%2Celeicoes%2Clula%2Cbolsonaro%2Cbrasil&adf=190587403&nhd=0&adx=640&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2210172057000&d_imp=1&c=8088003065&ga_cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&ga_hid=3065&dt=1666886154420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&loc=https%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%3Famp%3D&bdt=303&dtd=72&__amp_source_origin=https%3A%2F%2Fnoticias.r7.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fe50ea73fd12cde68729c670d9dc544f0182fba8bdc188c8b900c2c5bfeed6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-38
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10432
x-xss-protection: 0
google-lineitem-id: 6079957322
x-qqid: CKa__-jigPsCFf1DHQkdN7AM3Q
amp-access-control-allow-source-origin: https://noticias.r7.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400042347
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://noticias.r7.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Thu, 27 Oct 2022 15:55:55 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 1712ms
1660ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F7542%2Fr7noticias%2Feleicoes-2022&adk=2879363929&sz=300x250&output=html&impl=ifr&ifi=2&msz=300x-1&psz=300x-1&fws=4&scp=keywords%3Dpesquisa%2Celeicoes%2Clula%2Cbolsonaro%2Cbrasil&adf=1674970725&nhd=0&adx=650&ady=1863&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2210172057000&d_imp=1&c=8088003065&ga_cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&ga_hid=3065&dt=1666886154420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&loc=https%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%3Famp%3D&bdt=303&dtd=73&__amp_source_origin=https%3A%2F%2Fnoticias.r7.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cf28313a7fab90b33c3369b191c18a0eea60415d9546d76f080a69996ddc8fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-38
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11093
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CILS0enigPsCFQFJGwodIawOnA
amp-access-control-allow-source-origin: https://noticias.r7.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://noticias.r7.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Thu, 27 Oct 2022 15:55:56 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 700ms
649ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F7542%2Fr7noticias%2Feleicoes-2022&adk=3874418918&sz=300x600&output=html&impl=ifr&ifi=3&msz=1568x-1&psz=1568x-1&fws=4&scp=keywords%3Dpesquisa%2Celeicoes%2Clula%2Cbolsonaro%2Cbrasil&adf=4198093691&nhd=0&adx=650&ady=300&oid=2&act=fc&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2210172057000&d_imp=1&c=8088003065&ga_cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&ga_hid=3065&dt=1666886154420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&loc=https%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%3Famp%3D&bdt=303&dtd=74&__amp_source_origin=https%3A%2F%2Fnoticias.r7.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

569688eb0d705cbc594af04a34f8394fe9960ea5f15cd6010bf856474adc14e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-38
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10360
x-xss-protection: 0
google-lineitem-id: 6079957322
x-qqid: CKO8_-jigPsCFQTFGwodRaMCxQ
amp-access-control-allow-source-origin: https://noticias.r7.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400042305
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://noticias.r7.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Thu, 27 Oct 2022 15:55:55 GMT

GET
H2 200 ads
securepubads.g.doubleclick.net/gampad/ 0
0 386ms
335ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F7542%2Fr7noticias%2Feleicoes-2022&adk=2629486430&sz=300x200&output=html&impl=ifr&ifi=4&msz=1568x-1&psz=1568x-1&fws=4&scp=keywords%3Dpesquisa%2Celeicoes%2Clula%2Cbolsonaro%2Cbrasil&adf=3848338215&nhd=0&adx=16&ady=2825&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2210172057000&d_imp=1&c=8088003065&ga_cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&ga_hid=3065&dt=1666886154420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&loc=https%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%3Famp%3D&bdt=303&dtd=75&__amp_source_origin=https%3A%2F%2Fnoticias.r7.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

amp-ff-empty-creative: true
date: Thu, 27 Oct 2022 15:55:54 GMT
x-content-type-options: nosniff
x-creativesize: 0x0
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
x-qqid: CITs_-jigPsCFXJIHQkdOI4Grg
amp-access-control-allow-source-origin: https://noticias.r7.com
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://noticias.r7.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-empty-creative
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 1430ms
1384ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F7542%2Fr7noticias%2Feleicoes-2022&adk=286015221&sz=320x50&output=html&impl=ifr&ifi=5&msz=0x-1&psz=0x-1&fws=4&scp=keywords%3Dpesquisa%2Celeicoes%2Clula%2Cbolsonaro%2Cbrasil&adf=278927225&nhd=0&adx=640&ady=1150&oid=2&act=sa&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2210172057000&d_imp=1&c=8088003065&ga_cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&ga_hid=3065&dt=1666886154497&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&loc=https%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%3Famp%3D&bdt=380&dtd=2&__amp_source_origin=https%3A%2F%2Fnoticias.r7.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41bda8144b864ca926422619eec9fd80bf8cca61576be61b32581a37a75d0693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-38
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10441
x-xss-protection: 0
google-lineitem-id: 6079957322
x-qqid: CPH2_-jigPsCFYHsGwodI80IPw
amp-access-control-allow-source-origin: https://noticias.r7.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400042377
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://noticias.r7.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Thu, 27 Oct 2022 15:55:55 GMT

GET
H3 200 iframe-thin.css
audio8.audima.co/ Frame EEBA 10 KB
3 KB 83ms
49ms Stylesheet
text/css 2606:4700:e6::ac40:c620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio8.audima.co/iframe-thin.css
Requested by: Host: audio8.audima.co
URL: https://audio8.audima.co/amp-iframe.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38207a30631e8764ab5a22abb356ba4a4e4a2cc5883356eefd31202815c1872d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/amp-iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12470
cf-polished: origSize=9966
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Wed, 26 Oct 2022 12:27:16 GMT
server: cloudflare
etag: W/"635927a4-26ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dihP3f9ufPP%2BPHz1HkUtUA6l3zGW4qSs3W0SltgVMgcCjKm83l%2Bjp5cAVzJCTQWFxg8r86hOLNYY%2BaTigFSDhJNKqkwcaTJB256i2sEL6U4rnF4iGGc1tp8PDcR5yvWpqwVify2qOFDUBq%2BMdao8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 760c9e6279ca9a12-FRA
expires: Thu, 27 Oct 2022 16:28:04 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ Frame EEBA 69 KB
11 KB 322ms
36ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Requested by

Host: audio8.audima.co
URL: https://audio8.audima.co/amp-iframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 13878140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10277
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1137b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 760c9e640b029975-FRA
expires: Tue, 17 Oct 2023 15:55:54 GMT

GET
H3 200 amp-audio-tts-player.js Show response
audio8.audima.co/ Frame EEBA 33 KB
13 KB 65ms
33ms Script
application/javascript 2606:4700:e6::ac40:c620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio8.audima.co/amp-audio-tts-player.js
Requested by: Host: audio8.audima.co
URL: https://audio8.audima.co/amp-iframe.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 147f479b249a8d8d91689574ed000b6fcd493095613691206b0a3dbb7515361a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/amp-iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12274
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Wed, 26 Oct 2022 12:27:16 GMT
server: cloudflare
etag: W/"635927a4-84f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhK3LoJhydWG9uM9SHaVUAKNgHkGeSS7BTDAf500cN6EZe6WQZlturb%2F%2Ba80W7XNbDFdojOughvtNe4ozreYO0keIS2M0dql654EA%2F9QbJ9cnp9uxOdMpuxqGsjIOMVJSrMRMM3dd6%2BnOuXcB2GH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 760c9e6279ce9a12-FRA
expires: Thu, 27 Oct 2022 16:31:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame EEBA 6 KB
1 KB 65ms
25ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap

Requested by

Host: audio8.audima.co
URL: https://audio8.audima.co/iframe-thin.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41164ecc4643a94f1881912ddca649032a58a93bce844370c8e6369dbf246d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 15:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 14:33:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 15:55:54 GMT

GET
H3 200 535308d8f2af97fc03b61ad2de3c26b7.png
audio8.audima.co/img/ Frame EEBA 2 KB
3 KB 32ms
31ms Image
image/png 2606:4700:e6::ac40:c620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audio8.audima.co/img/535308d8f2af97fc03b61ad2de3c26b7.png
Requested by: Host: audio8.audima.co
URL: https://audio8.audima.co/iframe-thin.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad12268da77c77a50ec33f5771a9ef64d33d53335c03a23b3d459be4544b5c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/iframe-thin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2386
pragma: public
last-modified: Wed, 26 Oct 2022 12:27:16 GMT
server: cloudflare
etag: "635927a4-952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08dWqhOw1oTB%2FGzwFCGUA3Y1uIwFq0IMmtvHtHC5fe0BTpuK35GKF5Q8WkhQvLtl3YubT5k3X1GYKA1qzRVDMtyJm2ZYexnzYLeWbRwp6ICr0Sf%2BSU4kLxyaSz9vu3yQvLoZXhT11D6RQXqLHGMx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 760c9e645dcc9a12-FRA
expires: Thu, 27 Oct 2022 16:48:10 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ Frame EEBA 74 KB
74 KB 44ms
26ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css
Origin: https://audio8.audima.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 690935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75728
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-127d0"
vary: Accept-Encoding
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 760c9e647ef19945-FRA
expires: Tue, 17 Oct 2023 15:55:54 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame EEBA 44 KB
44 KB 47ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://audio8.audima.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 248720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:50:34 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/ 2 KB
812 B 16ms
15ms Fetch
application/json 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://noticias.r7.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:01:21 GMT
age: 60874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 782
x-xss-protection: 0
server: sffe
etag: "fdd944a57e0a0b3b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 23:01:21 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/ 2 KB
812 B 16ms
16ms Fetch
application/json 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://noticias.r7.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:01:21 GMT
age: 60874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 782
x-xss-protection: 0
server: sffe
etag: "fdd944a57e0a0b3b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 23:01:21 GMT

GET
H3 200 comscore.json Show response
cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/ 559 B
311 B 17ms
17ms Fetch
application/json 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/comscore.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b913d6f06cebe5484a2bf0de91fa809e331c5b4c7885a8bb67e971f1be57c48

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://noticias.r7.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:02:44 GMT
age: 60791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
server: sffe
etag: "7aedd3f4ee2a40a5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 23:02:44 GMT

GET
H3 200 taboola.json Show response
cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/ 440 B
257 B 18ms
18ms Fetch
application/json 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/taboola.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d36546c3e8be26641a6c78b2486c21c8dbb4aded41b7a71a3d80d5cacc86970

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://noticias.r7.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:01:20 GMT
age: 60875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
server: sffe
etag: "bf3f42517d5c9278"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 23:01:20 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Bolsonaro%20tem%C2%A051%2C2%25%20dos%20votos%20v%C3%A1lidos%2C%20diz%20pesquisa%C2%A0%20-%20Not%C3%ADcias%20-%20R7%20Elei%C3%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10631407-5&cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&jid=0.7053608666971132&_v=a1&z=0.1927607250572656
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10631407-5&cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&jid=0.7053608666971132&_v=a1&z=0.1927607250572656
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10631407-5&cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&jid=0.7053608666971132&_v=a1&z=0.1927607250572656&slf_rd=1&random=1003222444

42 B
501 B

90ms
52ms

Ping
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10631407-5&cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&jid=0.7053608666971132&_v=a1&z=0.1927607250572656&slf_rd=1&random=1003222444

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10631407-5&cid=amp-u8_BU0DUL8Yq-B8ZF_xrqQ&jid=0.7053608666971132&_v=a1&z=0.1927607250572656&slf_rd=1&random=1003222444
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 amp
r7-dp6.rj.r.appspot.com/ 0
187 B 291ms
231ms Ping
text/plain 2a00:1450:4001:827::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://r7-dp6.rj.r.appspot.com/amp?event=page_view
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noticias.r7.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
264 B 17ms
17ms Image
image/gif 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=14194541&cs_ucfr=&cs_amp_consent=&cs_pv=3065&c12=amp-rNSpxOBryd208WpEf2Hs4g&rn=0.7169951434607302&c8=Bolsonaro%20tem%C2%A051%2C2%25%20dos%20votos%20v%C3%A1lidos%2C%20diz%20pesquisa%C2%A0%20-%20Not%C3%ADcias%20-%20R7%20Elei%C3%A7%C3%B5es%202022&c7=http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&c9=&cs_c7amp=https%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%3Famp%3D&comscorekw=amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 43
x-amz-cf-id: D--etBQXByCopkUmq7XwbYCixInx3JicVu_QyKQirMO55rkybnv_KQ==
x-cache: Miss from cloudfront
content-type: image/gif

GET
H2 200 amp-analytics-taboola.html Show response
c3.taboola.com/amp/ Frame 33A5 2 KB
1 KB 300ms
237ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/amp/amp-analytics-taboola.html?url=http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&aid=r7-r7com&cnsntstr=&cnsntst=-1
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70e66891c0d02108d0f7f93e6943381865a8d322dfb1a04e49621190c5465518

Request headers

Referer: https://noticias.r7.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

abp: 65
accept-ranges: bytes
age: 0
cache-control: private,max-age=14400
content-encoding: gzip
content-length: 843
content-type: text/html
date: Thu, 27 Oct 2022 15:55:55 GMT
etag: "e3c0db1cd9b958839e654c65c9668ef1"
last-modified: Tue, 06 Jul 2021 08:59:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: BI2YwSxZWSW4S3WySUYTI74A6tPj/es7GQW0+7/M/tCAz4VCg7j8ZAGBWyGPBGRqghrr328IkiQ=
x-amz-replication-status: COMPLETED
x-amz-request-id: HE797M0FB435S7C6
x-amz-version-id: UmQZc8B.r27no4p1WtAjXeIhs2TI77eH
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4030-HHN
x-timer: S1666886155.138938,VS0,VE222

GET
H2 200 dfp_frame_r7_new.txt Show response
audima.co/ Frame 3E9F 3 KB
2 KB 180ms
131ms XHR
text/plain 2606:4700:e6::ac40:c620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audima.co/dfp_frame_r7_new.txt
Requested by: Host: audio8.audima.co
URL: https://audio8.audima.co/iframe-banner-r7.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b88d4fad579a92c21fdf067edfd9f8a1eba2002907856b729ced5b5e3af9789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 04 Oct 2022 17:22:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"633c6bbb-a48"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvM9KFphIzfSf31aGT87VrGAG1u1Tc00VckuRNxexbSnI%2BghemWT02fxxqZWrpQr%2Fm3bcs%2F5rliJGoFFpY4ZzgyU%2Fij%2BeOyXlxesrzCm5r1krNPbNIz4RPBRBxx6PWkGMuK89%2FRz0jw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: *
cf-ray: 760c9e65d982bba3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 container.html
1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 117ms
31ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noticias.r7.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 container.html Show response
1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F53D 6 KB
4 KB 103ms
24ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.r7.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:55:55 GMT
expires: Fri, 27 Oct 2023 15:55:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B660 79 KB
27 KB 92ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: audio8.audima.co
URL: https://audio8.audima.co/iframe-banner-r7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91bbb60ad70d111f3c6a7c95189b395e8245ea4e3a8dd0e52839c82e0d2931eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27372
x-xss-protection: 0
server: sffe
etag: "1375 / 726 of 1000 / last-modified: 1666884091"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Oct 2022 15:55:55 GMT

GET
H2 200 prebid7.2.0.js Show response
publyads.jstag.space/ Frame B660 228 KB
70 KB 89ms
32ms Script
application/javascript 2606:4700:3035::6815:193e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publyads.jstag.space/prebid7.2.0.js

Requested by

Host: audio8.audima.co
URL: https://audio8.audima.co/iframe-banner-r7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:193e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

954581c979b209cb6812bd2b086fbc8f3bebc7f64d143c2cac8a1bc22ffb887d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47127
cf-polished: origSize=234146
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 22 Jun 2022 17:42:14 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyg2eWKLpo6DBaSXt9cSnQSgpkL7JzRl5OeA07n4sJHaSGNJXvnGd4SQv%2FTL3oK6RPTeNcoXbFMk3vU3QH%2BqdjPRbAejLJW2uRB9%2BOvcGWHinCgnt7d%2F96i0l9c8yTdjLijKzCRS2z5BFAGAVHOTpp25Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 760c9e670fed21b1-DUS
expires: Sat, 26 Nov 2022 02:50:27 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame F53D 4 KB
2 KB 16ms
16ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:15:47 GMT
content-encoding: gzip
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 42608
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: hTpr8vEJm62xL4Z00PheMclhkUDOB2eGlAztvI7fbHDCtxffmBF0-Q==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F53D 79 KB
27 KB 146ms
139ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
URL: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74cbbf9e1c109d5ddc444aa022b423392b67e5470f6994a0f7b5fe34805eb28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27370
x-xss-protection: 0
server: sffe
etag: "1375 / 280 of 1000 / last-modified: 1666884040"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Oct 2022 15:55:55 GMT

GET
H2 404 300x600.js
pkioshima-recordtv.github.io/dfp_adunitDiv_multisize/ Frame F53D 0
0 157ms
114ms Script
text/html 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pkioshima-recordtv.github.io/dfp_adunitDiv_multisize/300x600.js
Requested by: Host: 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
URL: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F53D 152 KB
47 KB 78ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
URL: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 15:55:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F53D 0
29 B 62ms
55ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTWX6TMTZLAPxgGX-qXHYRCh7YA8KKUEiC9UszbDyPGtkqXPmLOEtIp20r3zCEC6phydzGShTsZwfD8lFy1vtOOhvJDTpYwTZA5ZVDidsyNy27t69N1ihzPIIpNEe4VDq1orpgufHbXSXfvvqxrn6S648O1vMEtf047JOHQ3jf_39L1L51sGTZfjBpolppdmfwcUTvUu4xh3iEaKLg1WfKicsFo_0bBWsiQmjmmyPDMPEd6dDsE-kCMgrGk3pVQZ-3bqHbjD11zTl5EfTuX1npbVEThPTyHjKuU6mh0ToY47d99A1U52Kajcylkh3OE3A_i8q00WTHRw&sai=AMfl-YQQwRWF68SZAoCCC7Nm0ViGlLxRDqmPoZa98Wz5QrOuyYdEJsNB6Tua8fEFsINzvs3I6D85Mq5tOX9J4Yyv3Q&sig=Cg0ArKJSzDrpYVvDkCqNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
URL: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Oct 2022 15:55:55 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame F53D 0
189 B 16ms
16ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=14194541&c3=1419454107&cs_it=b3&cv=3.8.0.210223&ns__t=1666886155333&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2F1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D0&c8=SafeFrame%20Container&c9=https%3A%2F%2Fnoticias.r7.com%2F
Requested by: Host: 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
URL: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: C-KYAhqeHJWP7SP4wfu3uqsbVWOp7z0cKzgJRjGEGOqx1iFmB2Dc0w==
x-cache: Miss from cloudfront

GET
H2 200 trk.js Show response
cdn.taboola.com/libtrc/r7-r7com/ Frame 33A5 21 KB
8 KB 18ms
17ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/r7-r7com/trk.js
Requested by: Host: c3.taboola.com
URL: https://c3.taboola.com/amp/amp-analytics-taboola.html?url=http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022&aid=r7-r7com&cnsntstr=&cnsntst=-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9c651ae285c3b2a975d260325d7f3502e19117de76cb676d21e36d8cee551e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: CPjKJnhoyaBMML.HVOJNxC52r4ZXjf1L
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Oct 2022 15:55:55 GMT
x-amz-request-id: GCQNEJ3M8RP7M3D6
age: 23726
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 7681
x-amz-id-2: WCkGgumLXkGFv511geJl7LR/krWIoHwotx5if636ur5IxxdIUFQbnmulH264x9A298eDjsFHbpQ=
x-served-by: cache-hhn4030-HHN
last-modified: Thu, 27 Oct 2022 09:17:05 GMT
server: AmazonS3
x-timer: S1666886155.385524,VS0,VE1
etag: "26da4d801d3767a02c4243fbe67cd735"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 65
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 json Show response
trc.taboola.com/r7-r7com/trc/3/ Frame 33A5 3 KB
2 KB 132ms
110ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/r7-r7com/trc/3/json?tim=1666886155398&data=%7B%22id%22%3A621%2C%22ii%22%3A%22%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666886155396%2C%22cv%22%3A%2220221027-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fnoticias.r7.com%2Feleicoes-2022%2Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%22%2C%22e%22%3A%22https%3A%2F%2Fampproject.net%22%2C%22cb%22%3A%22TRKSC.trkCallback%22%2C%22qs%22%3A%22%3Furl%3Dhttp%253A%252F%252Fnoticias.r7.com%252Feleicoes-2022%252Fbolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022%26aid%3Dr7-r7com%26cnsntstr%3D%26cnsntst%3D-1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dr7-r7com%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22ad%22%3A%7B%22sdkd%22%3A%7B%22os%22%3A%22AMP%22%2C%22osv%22%3A1%2C%22sdkt%22%3A%22Taboola%20AMP%20Driver%22%2C%22sdkv%22%3A%221%22%7D%7D%7D&pubit=n
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/r7-r7com/trk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a355a5ffc6d879bb3d56bbc77d2dcbd79151b9a411d4090f3119ecd0cf4cae85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn4030-HHN
server: nginx
x-timer: S1666886155.434766,VS0,VE94
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 pubads_impl_2022102501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B660 378 KB
128 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130606
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 08:35:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 Oct 2023 14:18:22 GMT

GET
DATA 200
OK truncated
/ Frame F53D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52d9bec8fed03a373938b5e47a32f902bfacd858bc03ceaf9baaa0d01438795d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pubads_impl_2022102401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F53D 378 KB
128 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130586
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 08:37:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 Oct 2023 15:48:20 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B660 287 B
1 KB 154ms
84ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18270&site_id=274002&zone_id=1545744&size_id=43&rf=https%3A%2F%2Fnoticias.r7.com%2F&tg_i.pbadslot=%2F21831561254%2Faudima_player_r7&tk_flint=pbjs_lite_v7.2.0&x_source.tid=e4084874-2213-4179-8f3e-71406faef3a4&l_pb_bid_id=2968e98964617&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21831561254%2Faudima_player_r7&slots=1&rand=0.8228700916568525
Requested by: Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1bb625bbfc513e41e26b4b827bcdefb362107eba4c22afd8e4766e30b058373f

Request headers

Referer: https://audio8.audima.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:55 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://audio8.audima.co
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 287
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B660 138 B
830 B 56ms
15ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ce655611013225d94b44591cdf45d921dc4685ac4fca441950fe4e215748a957

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://audio8.audima.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:55 GMT
AN-X-Request-Uuid: 5a54146f-a21a-4469-bb67-78af652dd2e2
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://audio8.audima.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B660 0
218 B 86ms
27ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.2.0&cb=58176970287

Requested by

Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://audio8.audima.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 15:55:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://audio8.audima.co
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F53D 0
0 86ms
54ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0GX0W1ecvpI6uwsYniBShatt3jmsS6T-G0L6cJeFE6KoZcYO2zPT8IaSpVQ2ouFbMIeiXAZ9Ec1xFHKQF3lnDak2SDSTkb4E4MtSoAKkLeq5vk0zwdh-DHof5DIfY1_mNQwF40efZ0TAPvc8g0MtYOh2mCt1maRiptkmRa5zKsxOK9ePIjc0xq5_GF9GvoFaLjvHJYmEbiuNPY8US4XFRgUo0vEhRbHwERLUVwzEpCrVvadOZbKKaK8x8lHl9WDzUCfMmybGFIYkH2OrhiGlKfjn6pX0F5pU5Z4ict5oH8U-EIl-1h7FYOwgneTnJmJCLuYdtLAm7QEgS&sai=AMfl-YQ0mEpTcXFa-AqXLn9H8ZB6d3e5plsX7EzuNQWE2R_ELlvzsDiwt4synZe_n60V262jmZcONit9SLh9Lmd0ig&sig=Cg0ArKJSzBrwDV2B0ZJwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Oct 2022 15:55:55 GMT

GET
H3 200 container.html Show response
1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F5FA 6 KB
3 KB 49ms
17ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.r7.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:55:55 GMT
expires: Fri, 27 Oct 2023 15:55:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame F5FA 4 KB
2 KB 16ms
16ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:15:47 GMT
content-encoding: gzip
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 42608
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: beffmCp5kN9J_RI-DtTGGBlrWbOyefOhtGjqynRHEwLAxUoQR0_SYQ==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F5FA 79 KB
27 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
URL: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74cbbf9e1c109d5ddc444aa022b423392b67e5470f6994a0f7b5fe34805eb28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27370
x-xss-protection: 0
server: sffe
etag: "1375 / 695 of 1000 / last-modified: 1666884040"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Oct 2022 15:55:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5FA 152 KB
46 KB 897ms
861ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
URL: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 15:55:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F5FA 0
26 B 54ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlTrwVXF8xm472XbukYi34LFgZQH8Bt8E6-0BlIkHAjv6P7jxE8E-8ANSxlQgcRh5Uew4bF_kuEsy6aJ-mRvRZXPMx7WmSmVPeZmwlfiMiCW8lCXbd970xhWmmBiwyN8me8s5_9n-W008if6eEp744uPIhoEfyEoL-hNzB-kTge8oZun91LCl7h9b28e-lXznZ4WA8NnE6WKPvEOV9CdfdEUeXCc1jPcIviXpQMwEwJZn9U9cYT5G89GwGvnzWX7BFGNudSeuwMXMl-cou60hV_cMp6K6OzK6JFeaL3acWOuH_wMUJZhsubz_sBLAHkWszV5WzodHBpg&sai=AMfl-YSbrvUZ0Dpmc8kUVap48N_hwPj-Gr3hr5-Aa6LD3sZR9KoLfiRgE8OgzbXCmdisEjUJXwpup3KXR5bDKdUh_g&sig=Cg0ArKJSzDx17nITFUriEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
URL: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ Frame F5FA 0
188 B 18ms
18ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=14194541&c3=1419454107&cs_it=b3&cv=3.8.0.210223&ns__t=1666886155615&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2F1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D0&c8=SafeFrame%20Container&c9=https%3A%2F%2Fnoticias.r7.com%2F
Requested by: Host: 1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
URL: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: uRpOoKfcRTfK4ZvJH4--aGXlh-s6-f_m-8FJYrsoo3Ahn-Dwc6NeDA==
x-cache: Miss from cloudfront

GET
H3 200 pubads_impl_2022102401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F5FA 378 KB
128 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130586
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 08:37:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 Oct 2023 15:48:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B660 107 B
792 B 77ms
24ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=audio8.audima.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B660 107 B
122 B 57ms
25ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=audio8.audima.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B660 18 KB
10 KB 317ms
316ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2327383789990905&correlator=3744436547894162&eid=31070592%2C31069563&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fif&iu_parts=21831561254%2Caudima_player_r7&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=1&adks=2409650377&sfv=1-0-38&prev_scp=grupo%3Dcontrole&eri=1&sc=1&cdm=audio8.audima.co&abxe=1&dt=1666886155693&lmt=1666886155&dlt=1666886155106&idt=390&adxs=624&adys=25&biw=-12245933&bih=-12245933&isw=320&ish=50&scr_x=-12245933&scr_y=-12245933&ucis=oufbzkpqxrx3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Faudio8.audima.co%2Fiframe-banner-r7.html&ref=https%3A%2F%2Faudio8.audima.co%2Fiframe-banner-r7.html%23amp%3D1&top=https%3A%2F%2Fnoticias.r7.com%2F&frm=24&vis=1&psz=320x50&msz=320x50&fws=256&ohw=0&ea=0&ga_vid=1119584687.1666886156&ga_sid=1666886156&ga_hid=1564864927&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a3c0d62ac94f0650f4eddbc408188b6e4f2db2bc99cda229006d3e5bae737ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9744
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://audio8.audima.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B660 15 KB
12 KB 69ms
30ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

307921aa22495c2ed44adca72527d6d8b8259b0eee51bf7171eb184f75a234e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0

GET
H2 200 container.html Show response
6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E6D 6 KB
3 KB 38ms
23ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://audio8.audima.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:55:55 GMT
expires: Fri, 27 Oct 2023 15:55:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame F5FA 107 B
165 B 42ms
25ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F5FA 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F5FA 459 B
238 B 73ms
73ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=979064342085493&correlator=2554327323888645&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fifs&iu_parts=7542%2CotherSizes&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x50%7C300x50%7C168x42%7C120x30%7C216x36%7C120x20%7C168x28&fluid=height&ifi=1&adks=1968496897&sfv=1-0-38&sc=1&cdm=1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com&abxe=1&dt=1666886155727&lmt=1614716223&dlt=1666886155593&idt=115&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=320&ish=50&scr_x=-12245933&scr_y=-12245933&ucis=ljbu6v1pq5ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2F1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D0&ref=https%3A%2F%2Fnoticias.r7.com%2F&top=https%3A%2F%2Fnoticias.r7.com%2F&frm=24&vis=1&psz=320x20&msz=320x20&fws=256&ohw=0&ea=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

793277af21228039ab8e8ac08a32842fc3f94db4873695ad173b707bb1597a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 209
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c63f9271d165e2f1430fc1e288fcc915.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 78BD 6 KB
3 KB 62ms
23ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c63f9271d165e2f1430fc1e288fcc915.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:55:55 GMT
expires: Fri, 27 Oct 2023 15:55:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B660 17 KB
7 KB 71ms
32ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 15:55:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B3C 13 KB
5 KB 49ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://audio8.audima.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:48:21 GMT
expires: Fri, 27 Oct 2023 15:48:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FEA3 783 B
536 B 66ms
32ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

484666ea0d20a9381585aa3af97c437c152557b4b17538674f1c27fdbef0e7e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YPPzWwBrQ27AjX4JtMvPow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://audio8.audima.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-YPPzWwBrQ27AjX4JtMvPow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:55:55 GMT
expires: Thu, 27 Oct 2022 15:55:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B3C 36 KB
16 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 13:17:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FEA3 0
0 66ms
48ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102501&jk=2327383789990905&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 container.html Show response
6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F0D8 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://audio8.audima.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:55:55 GMT
expires: Fri, 27 Oct 2023 15:55:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6B3C 0
10 B 15ms
14ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8R1hhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3AF3 624 B
838 B 82ms
42ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYouf4xgEwAQ&v=APEucNVZ9t56iAY_aSM2JKRI_PvJE3hAQI4wvVGb4m6GXZsPkgS2hf0dbpkKI4bVogtvW2B9gk1Ui-biAUeAeOG2JEg_jCE23vPj4AriwYgz3OicS8jW9MzhXramskNSbfKdr-TtqnWzCeJ2pwVvybyrCRmAEm0cKkRnCeV5PpFNVNwqU3-OZL8

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:55:56 GMT
expires: Thu, 27 Oct 2022 15:55:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F0D8 86 KB
35 KB 115ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUCMEiBnGGWQhKHcpWCFuTLqtc_CMVjMkRzxq_bwwEoJSpJky8_jKuhEg42FdCe51unuoI7qceMgjgxRSn9jjQ-qI76NsBDzFTQVnyPHAUNnCur5_YfmtAT-bsTnSiXT8_JwAqIq5jkyC_3GQR48VtBN1Q3RhWTBi1laNQNOXiG_Re7FA&dbm_d=AKAmf-Bv4Q3UWGkvi0kMeZ7-Vt7Yp1WtWVj-J9mWymxI9ziyBC61HRyGLemMVuj8ARmjhf-yLCQO55QvIS6sCXrVr9ZZjfwLs8iiH4_r_04lsgNZyRCeAX7hIHFBl_Xwn1NDmeixnI72r3VpAfUscYuoVs0SndkgpJSbOuyM0B4VOyJE6tUlg6WSdCIw895q5aJQSjVfHNU-fzyp67ueW48UTszfDbe8EN0ewroANLpse2JZLUkG8Bh84ovrGWPGVSUFgx7C93ZvmY9OKNjVrXqOzbO4RyaACylAVNz8CjSuBmegK0OJZC1UGsZyrZw6qTrxh0iY6VZyApuws5lr8oOWRwx8B0HXm0RXDaC6t-zCBg2FodHutezTLaQQpXvkrGMV97b17qk1jDkeyge0ECqrsywwJ1HlRXVEDKzflBuzEJiNJ6UBPT2m0JXsy-f3SO9UNOK_T6QZkZMDDjNeoLTwkGU2_Y4UthP5tk0zTuDm_jXA8KpxSrcS1oNGx3nDfvF2nzEi21GOVNngfxJb8KKRVAAp-_JI4_T2da7featYbO9lO8wTjMvYoexhMMtaPXtt5NnF8fjaF1TUrQjaxBXTI5Lu_PF0CgmBgNwz5oecR6yrpbY3csKcFABERVDHVXaY0S667enTJG7gh1ZXYB084PzF_4e3xbq3Tr9BXoXPNlkZiqSD6kYIs5X5scHlOVv_yo9h-APOv4plj26-yaRMtyf3uaT4cOMW_FGYWJazngsnJ_pyx1TdUbgBXzoRRQ45eeDsnwgoMG-wPxXvoIRR7We8Cj28Yfr4zHxdI8RUbrAR4qmnGUO01-NdtkCQwRuPepQ7Ys5c6h0YegIfK6q6GDmU04qSh8ugEko0gJvtAmqe6rfRYvNjwotLE1DQm8ABUbhclV07xGo--c0gU2B_uxunBHRQA2d9HUW-xqiN1S8RrctxXTMdXuBrohjpLkDXMiG9o3hmvzXAVA5BKvmLFnHHksdHN0BsiK8lITmxv4QMFXIE_E6tzg5q5y_MvR7Lyvzb8UNxhGkdPSc7GfxxXZD1oZAYthU7nvpiHiK6X3-fTAOipnP-t5UPPLZy0QZ7Lxo8ZvpgcT4VgmYUovhzpZaifZuiY7hdckYhOyzI4FbpctCBJJXdeaUNEvaI_2gWqsivuUbIKAoGr0fNKQCGtl_IofxI0WVqP6clNFLWny7By04X0xWjOcm7zHfgdTD1Y6tOxWj8W8WJgKD537bK6gYIfWLchiLRnc_hVrh_zywDgbQ3roDa-119bBApnfKIGnKA11YBsKQnAVwso5qtKocSTRxuLIH5y0DpOlzO7yvc6tHX-kfispIbLs6pHG8gtYjkIWquXWbQPnVq0kWsJSEo1fo7avzwZx736RA5MpdbyfmHeuRAeEx3tKK4arl1vaeVArJLtXCISa-gELPD8KPIlbGUByu-ckBdtDgA98Do39WP_ksejTF-8tsjLLP06SfaKZuh_qYXjqrOyn-5XFonFoEzu2wwk9663SOoMltAPcdMvrtrf_Omh4XW5WTivQQC2KlGX-ADMg94gNXtskYLm6Zr4jZs5LAozKlZ1XXp7AKjTDicolqBk9JSrUGUVYKRBu0UjNMZd0kSfUYNekyCbMKR8vNtbPJgwrlFRyLiApqas7-FlN4FOMvcdKNkxRGGSt8K_JL7iJF0HsysW86nZPnZD5EMzYbehKybLvr0ln3XBAGTRIUT48881VLt3lJDLG6e7tc4KaHmg80QoBA1yBUC5EqWoCcSMZT5346l7cNUAer7_xUO6YYhMdZXzKrt2Wj7mmTWHEqCqqDcDV_Rr8cL3Qq6RVKC1XAszeclBKF1Q5un9jPW1DvnJT-Mn_DXnOQL0hGDoGNnUx8q8fvU3Pu7-inGSDltvU-A1fh9XyWf1_x6ajifHAc88RYx_RPTCy96xdvn90Al2bd49MwWmWXzI1AMzcjS4AoliruCanQngMDlNv1uSf5M07HewXtdeVYDz2PtBUf-IXTdnbFbKZaoqVFGrH1auk61Lk8Qh9EMI8JYxHe3e82Ujaw3GBp13Gya3qG8qoGMRVD97WpG_FuzU-1AGk0i16XRAdkkHh_PoCZ-13eGTXuVA36Rw39pXxOUiRR2iDrKGX75rF3vjqs_eEAhlJz8ygnHhM43i16T3zIVRgnq475HSh8amLDbb66IMjoQje-iZwf61cWyLrFqNha1YVCZY6qBbN916I3ibYLz4FU5sZhIHNcoCr_a9vuI7RNpyRXCjI0fNGKNmAc4Bjt9-H80ERcf7lbvnbqlHWTZmPtoD5pUmT44QOgoOXY9HuMeNhybErIdmttZurTAstu5yR_99cYxsdFPnGIY_bBitak7dwom1kzalP_zWjCOPpXzcuBWFx_qICJtMG5Yi6YUEyFyyCL6IZR38nZ6UtZXugTImrXKXj0utGXwCbGh1Kl2CbsiX6au0Q6B_JoQtJsUNEWvQBGsyFOOnESsKjB8lhKH2uiobzDXSsQLAJnq9JDX2ANSw-DOMWekRyKLm_HxGhZXby0Ng0Pz7yNVr2HVqAesRt9DcLH52YIBxZNEzht1AHJq_ugJhLhvkkk-Rp4aZ-8V8zFk-iw_pship_k3eW_3ocOiazfIZrjUPJoeBa1UuFoepj3x6f4LzUggpJOtvqFHQV_Wn1-kc9TvrPKzp5thSKL5gkcGchNp1JWyyEvEfmRKgCmMArPzkNOU5sy0telQiECFcFeyeK-RNXaTHF7snU9Dt44IAruH175KXYt8UPsQcMgxGzhQZqbKwonjKrSmeqZ_Nj0SlT8_trXnMJwZeOa0mQe6930N2f9VgO62gyB5TskjtECAiTBsTHkKpi34TYPRegSD6DI32W2j6HK4bsCx-4fwlimHVE75iqRKXpyLT_Xq2ln1VyYhi22KmaaLhvDLJ6RqDMJi33Xmrnk9KcBUDa6SvGgV3t2rYFBlQw9BWTv8uBfJWKQZ_oBw5RjGEAtiSb2DoZ-JuImcP-BY4udCUk3g1QqbHmzlt8PYjz0IgEc7qJRlqjYYitQH8j3mAAQm1m6xAU_5BahSACP2RpbBvyyeHHeOs-Pba3YDM36npb7GxBImpflyRMqPf6S8hBdN2JELqOjFHZfvJd-0SlYo57jqkPdYBWD6QcatEYW59F0qRjL2HfK7DB3R8_OCeg8oulMFm_L7vHC4u641qVJwdx1pkcdFNSn1KQaMj4ZBOhTUqjspBsKn3qmNZorWEItFIhWhXJmDSal6J_Ae_0x4Zvy3x4TYo40bcKHjmp5SsB5dTi3Wh4vYSMsENbrAjgml7KOow95RoaEtRCOw3KLATiHpfuJMlsXotH4ojAwwpvtnXLHAFI79tIZeOBWyWYI36d9JCWceW_A&cid=CAASEuRosSJz4lOanKFizRVsNdanWg&rfl=3%2Chttps%253A%252F%252Fnoticias.r7.com%242%2C%2Chttps%253A%252F%252Faudio8.audima.co%252F%240

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d225d3094c0bfae075ef08b2d41137c1aba0002573d53a0b7c03d32b9dee8b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35600
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F0D8 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8bHGXB6JDw_GSTuf4RjNC3PmDDbbKRgMU5mwYx-U0lE4lplXyxQOYAFxsCqAFnqV7fQuAxk_eOO4-sHcM__5Hjla0Vh3SWv3SRu6qmchzaE0Hz2c

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame F0D8 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 18:23:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame F0D8 17 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 18:25:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F0D8 0
0 24ms
23ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQboisjuxZMQXLHN2XFSLjsbnYaXi9aThagDjEya9H26vsgmpb5pzUkSgvBVuGX0oFCD3GGjvONAFH_UFey6EEfwJipYA
Requested by: Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0D8 152 KB
46 KB 439ms
438ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 15:55:56 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3AF3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoAmY_AM8IzRF82RzFV1FU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoAmY_AM8IzRF82RzFV1FU&google_cver=1&C=1

43 B
766 B

16ms
16ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoAmY_AM8IzRF82RzFV1FU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYouf4xgEwAQ&v=APEucNVZ9t56iAY_aSM2JKRI_PvJE3hAQI4wvVGb4m6GXZsPkgS2hf0dbpkKI4bVogtvW2B9gk1Ui-biAUeAeOG2JEg_jCE23vPj4AriwYgz3OicS8jW9MzhXramskNSbfKdr-TtqnWzCeJ2pwVvybyrCRmAEm0cKkRnCeV5PpFNVNwqU3-OZL8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEIoAmY_AM8IzRF82RzFV1FU&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3AF3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1qqDDaq-7Ldp2rRA5qWIAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoAmY_AM8IzRF82RzFV1FU&google_cver=1

43 B
766 B

16ms
16ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoAmY_AM8IzRF82RzFV1FU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYouf4xgEwAQ&v=APEucNVZ9t56iAY_aSM2JKRI_PvJE3hAQI4wvVGb4m6GXZsPkgS2hf0dbpkKI4bVogtvW2B9gk1Ui-biAUeAeOG2JEg_jCE23vPj4AriwYgz3OicS8jW9MzhXramskNSbfKdr-TtqnWzCeJ2pwVvybyrCRmAEm0cKkRnCeV5PpFNVNwqU3-OZL8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoAmY_AM8IzRF82RzFV1FU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 3AF3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDAL1zOSdXhQWKvBUwaTIjw&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDAL1zOSdXhQWKvBUwaTIjw%26google_cver%3D1

43 B
1 KB

16ms
15ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDAL1zOSdXhQWKvBUwaTIjw%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYouf4xgEwAQ&v=APEucNVZ9t56iAY_aSM2JKRI_PvJE3hAQI4wvVGb4m6GXZsPkgS2hf0dbpkKI4bVogtvW2B9gk1Ui-biAUeAeOG2JEg_jCE23vPj4AriwYgz3OicS8jW9MzhXramskNSbfKdr-TtqnWzCeJ2pwVvybyrCRmAEm0cKkRnCeV5PpFNVNwqU3-OZL8

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:56 GMT
AN-X-Request-Uuid: 7a32196d-7085-4654-a763-e7dc578c074d
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:56 GMT
AN-X-Request-Uuid: 28c81957-c3f9-4f3f-8ce0-c10159d17dac
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDAL1zOSdXhQWKvBUwaTIjw%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AF3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc2NjcxMTkyMjk3MjgxNjU4OA%3D%3D

170 B
188 B

40ms
26ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc2NjcxMTkyMjk3MjgxNjU4OA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:56 GMT
AN-X-Request-Uuid: a6bc6b32-97fc-46c9-ba3c-9838353453bc
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc2NjcxMTkyMjk3MjgxNjU4OA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F0D8 170 KB
59 KB 100ms
45ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
Origin: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 10:22:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame F0D8 8 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUCMEiBnGGWQhKHcpWCFuTLqtc_CMVjMkRzxq_bwwEoJSpJky8_jKuhEg42FdCe51unuoI7qceMgjgxRSn9jjQ-qI76NsBDzFTQVnyPHAUNnCur5_YfmtAT-bsTnSiXT8_JwAqIq5jkyC_3GQR48VtBN1Q3RhWTBi1laNQNOXiG_Re7FA&dbm_d=AKAmf-Bv4Q3UWGkvi0kMeZ7-Vt7Yp1WtWVj-J9mWymxI9ziyBC61HRyGLemMVuj8ARmjhf-yLCQO55QvIS6sCXrVr9ZZjfwLs8iiH4_r_04lsgNZyRCeAX7hIHFBl_Xwn1NDmeixnI72r3VpAfUscYuoVs0SndkgpJSbOuyM0B4VOyJE6tUlg6WSdCIw895q5aJQSjVfHNU-fzyp67ueW48UTszfDbe8EN0ewroANLpse2JZLUkG8Bh84ovrGWPGVSUFgx7C93ZvmY9OKNjVrXqOzbO4RyaACylAVNz8CjSuBmegK0OJZC1UGsZyrZw6qTrxh0iY6VZyApuws5lr8oOWRwx8B0HXm0RXDaC6t-zCBg2FodHutezTLaQQpXvkrGMV97b17qk1jDkeyge0ECqrsywwJ1HlRXVEDKzflBuzEJiNJ6UBPT2m0JXsy-f3SO9UNOK_T6QZkZMDDjNeoLTwkGU2_Y4UthP5tk0zTuDm_jXA8KpxSrcS1oNGx3nDfvF2nzEi21GOVNngfxJb8KKRVAAp-_JI4_T2da7featYbO9lO8wTjMvYoexhMMtaPXtt5NnF8fjaF1TUrQjaxBXTI5Lu_PF0CgmBgNwz5oecR6yrpbY3csKcFABERVDHVXaY0S667enTJG7gh1ZXYB084PzF_4e3xbq3Tr9BXoXPNlkZiqSD6kYIs5X5scHlOVv_yo9h-APOv4plj26-yaRMtyf3uaT4cOMW_FGYWJazngsnJ_pyx1TdUbgBXzoRRQ45eeDsnwgoMG-wPxXvoIRR7We8Cj28Yfr4zHxdI8RUbrAR4qmnGUO01-NdtkCQwRuPepQ7Ys5c6h0YegIfK6q6GDmU04qSh8ugEko0gJvtAmqe6rfRYvNjwotLE1DQm8ABUbhclV07xGo--c0gU2B_uxunBHRQA2d9HUW-xqiN1S8RrctxXTMdXuBrohjpLkDXMiG9o3hmvzXAVA5BKvmLFnHHksdHN0BsiK8lITmxv4QMFXIE_E6tzg5q5y_MvR7Lyvzb8UNxhGkdPSc7GfxxXZD1oZAYthU7nvpiHiK6X3-fTAOipnP-t5UPPLZy0QZ7Lxo8ZvpgcT4VgmYUovhzpZaifZuiY7hdckYhOyzI4FbpctCBJJXdeaUNEvaI_2gWqsivuUbIKAoGr0fNKQCGtl_IofxI0WVqP6clNFLWny7By04X0xWjOcm7zHfgdTD1Y6tOxWj8W8WJgKD537bK6gYIfWLchiLRnc_hVrh_zywDgbQ3roDa-119bBApnfKIGnKA11YBsKQnAVwso5qtKocSTRxuLIH5y0DpOlzO7yvc6tHX-kfispIbLs6pHG8gtYjkIWquXWbQPnVq0kWsJSEo1fo7avzwZx736RA5MpdbyfmHeuRAeEx3tKK4arl1vaeVArJLtXCISa-gELPD8KPIlbGUByu-ckBdtDgA98Do39WP_ksejTF-8tsjLLP06SfaKZuh_qYXjqrOyn-5XFonFoEzu2wwk9663SOoMltAPcdMvrtrf_Omh4XW5WTivQQC2KlGX-ADMg94gNXtskYLm6Zr4jZs5LAozKlZ1XXp7AKjTDicolqBk9JSrUGUVYKRBu0UjNMZd0kSfUYNekyCbMKR8vNtbPJgwrlFRyLiApqas7-FlN4FOMvcdKNkxRGGSt8K_JL7iJF0HsysW86nZPnZD5EMzYbehKybLvr0ln3XBAGTRIUT48881VLt3lJDLG6e7tc4KaHmg80QoBA1yBUC5EqWoCcSMZT5346l7cNUAer7_xUO6YYhMdZXzKrt2Wj7mmTWHEqCqqDcDV_Rr8cL3Qq6RVKC1XAszeclBKF1Q5un9jPW1DvnJT-Mn_DXnOQL0hGDoGNnUx8q8fvU3Pu7-inGSDltvU-A1fh9XyWf1_x6ajifHAc88RYx_RPTCy96xdvn90Al2bd49MwWmWXzI1AMzcjS4AoliruCanQngMDlNv1uSf5M07HewXtdeVYDz2PtBUf-IXTdnbFbKZaoqVFGrH1auk61Lk8Qh9EMI8JYxHe3e82Ujaw3GBp13Gya3qG8qoGMRVD97WpG_FuzU-1AGk0i16XRAdkkHh_PoCZ-13eGTXuVA36Rw39pXxOUiRR2iDrKGX75rF3vjqs_eEAhlJz8ygnHhM43i16T3zIVRgnq475HSh8amLDbb66IMjoQje-iZwf61cWyLrFqNha1YVCZY6qBbN916I3ibYLz4FU5sZhIHNcoCr_a9vuI7RNpyRXCjI0fNGKNmAc4Bjt9-H80ERcf7lbvnbqlHWTZmPtoD5pUmT44QOgoOXY9HuMeNhybErIdmttZurTAstu5yR_99cYxsdFPnGIY_bBitak7dwom1kzalP_zWjCOPpXzcuBWFx_qICJtMG5Yi6YUEyFyyCL6IZR38nZ6UtZXugTImrXKXj0utGXwCbGh1Kl2CbsiX6au0Q6B_JoQtJsUNEWvQBGsyFOOnESsKjB8lhKH2uiobzDXSsQLAJnq9JDX2ANSw-DOMWekRyKLm_HxGhZXby0Ng0Pz7yNVr2HVqAesRt9DcLH52YIBxZNEzht1AHJq_ugJhLhvkkk-Rp4aZ-8V8zFk-iw_pship_k3eW_3ocOiazfIZrjUPJoeBa1UuFoepj3x6f4LzUggpJOtvqFHQV_Wn1-kc9TvrPKzp5thSKL5gkcGchNp1JWyyEvEfmRKgCmMArPzkNOU5sy0telQiECFcFeyeK-RNXaTHF7snU9Dt44IAruH175KXYt8UPsQcMgxGzhQZqbKwonjKrSmeqZ_Nj0SlT8_trXnMJwZeOa0mQe6930N2f9VgO62gyB5TskjtECAiTBsTHkKpi34TYPRegSD6DI32W2j6HK4bsCx-4fwlimHVE75iqRKXpyLT_Xq2ln1VyYhi22KmaaLhvDLJ6RqDMJi33Xmrnk9KcBUDa6SvGgV3t2rYFBlQw9BWTv8uBfJWKQZ_oBw5RjGEAtiSb2DoZ-JuImcP-BY4udCUk3g1QqbHmzlt8PYjz0IgEc7qJRlqjYYitQH8j3mAAQm1m6xAU_5BahSACP2RpbBvyyeHHeOs-Pba3YDM36npb7GxBImpflyRMqPf6S8hBdN2JELqOjFHZfvJd-0SlYo57jqkPdYBWD6QcatEYW59F0qRjL2HfK7DB3R8_OCeg8oulMFm_L7vHC4u641qVJwdx1pkcdFNSn1KQaMj4ZBOhTUqjspBsKn3qmNZorWEItFIhWhXJmDSal6J_Ae_0x4Zvy3x4TYo40bcKHjmp5SsB5dTi3Wh4vYSMsENbrAjgml7KOow95RoaEtRCOw3KLATiHpfuJMlsXotH4ojAwwpvtnXLHAFI79tIZeOBWyWYI36d9JCWceW_A&cid=CAASEuRosSJz4lOanKFizRVsNdanWg&rfl=3%2Chttps%253A%252F%252Fnoticias.r7.com%242%2C%2Chttps%253A%252F%252Faudio8.audima.co%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 18:22:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame F0D8 30 KB
11 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 18:22:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F0D8 41 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 12:01:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 38D3 1 KB
643 B 15ms
15ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F0D8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fe9cd4c1685f258633fe49e92538c0fa5866235aed94b7903ad2ebb8670815c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2C2E 22 KB
8 KB 16ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 100463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 12:01:33 GMT
expires: Thu, 26 Oct 2023 12:01:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 38D3 35 B
463 B 60ms
17ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEALBwAc6-F9-0_Xyb3kAwog&google_cver=1&google_push=AZmPxg_DFvFltTmPNUGG_x6Rn1WzCb_9hbrdrCvX_0RGLMLRDDBXWWsuNitGDmkEKdgPQBZMskUHj7BIyANAmwB-9MNxF_YcLEwz

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 38D3 0
191 B 138ms
34ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBjpEczNve6CkzchyhOmHrQ&google_cver=1&google_push=AZmPxg9IwmjFJ2zHPPhRBvDbDcn7dDhOEJf_KBf7suxUIm4rDe5eW7Cnx67lnh7FaSfopFcjSSlrKpkluYH62Q7QS6q1bCiVfAU6
Requested by: Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 27 Oct 2022 15:55:55 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38D3
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELDRLl9AqI0p_Z9cTBLBXr0&google_cver=1&google_push=AZmPxg8X2INPceh4VDfE_Hp5c4Ae59ZPDUSUWRS7lrKS7mfsIgslAUSeZqzyCLzx7jcBwiNn51DiaPYIIxZ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8X2INPceh4VDfE_Hp5c4Ae59ZPDUSUWRS7lrKS7mfsIgslAUSeZqzyCLzx7jcBwiNn51DiaPYIIxZG-OH5qPiFRwxFitMY&google_hm=Wj7CJSdvQDqZ5AeNUMcRb0U

170 B
188 B

28ms
26ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8X2INPceh4VDfE_Hp5c4Ae59ZPDUSUWRS7lrKS7mfsIgslAUSeZqzyCLzx7jcBwiNn51DiaPYIIxZG-OH5qPiFRwxFitMY&google_hm=Wj7CJSdvQDqZ5AeNUMcRb0U

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:55 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8X2INPceh4VDfE_Hp5c4Ae59ZPDUSUWRS7lrKS7mfsIgslAUSeZqzyCLzx7jcBwiNn51DiaPYIIxZG-OH5qPiFRwxFitMY&google_hm=Wj7CJSdvQDqZ5AeNUMcRb0U
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38D3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKlDp_k8zuDF6C-QJT6EJUE&google_cver=1&google_push=AZmPxg-f7AndXy0DhcUqQj2ZeRTj1EtG8j6rtLsp0-b9w26aQYz8xi1TN1NxNa41GNQU87Ab-mOPR4vO...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKlDp_k8zuDF6C-QJT6EJUE&google_cver=1&google_push=AZmPxg-f7AndXy0DhcUqQj2ZeRTj1EtG8j6rtLsp0-b9w26aQYz8xi1TN1NxNa41GNQU87Ab-mO...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc4Mjk3OTQzNDA3OTQ1MjY0Nw&google_push=AZmPxg-f7AndXy0DhcUqQj2ZeRTj1EtG8j6rtLsp0-b9w26aQYz8xi1TN1NxNa41GNQU87Ab-mOPR4...

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc4Mjk3OTQzNDA3OTQ1MjY0Nw&google_push=AZmPxg-f7AndXy0DhcUqQj2ZeRTj1EtG8j6rtLsp0-b9w26aQYz8xi1TN1NxNa41GNQU87Ab-mOPR4vOpXcduRQgxFiVfkgZaxm4

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc4Mjk3OTQzNDA3OTQ1MjY0Nw&google_push=AZmPxg-f7AndXy0DhcUqQj2ZeRTj1EtG8j6rtLsp0-b9w26aQYz8xi1TN1NxNa41GNQU87Ab-mOPR4vOpXcduRQgxFiVfkgZaxm4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38D3
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENxAG0wp3kan1p53bdaP198&google_cver=1&google_push=AZmPxg_HJG66vP2Q7-rmjnaWLBUHr0pXL-kPFxwxCkcvof-Eij7icK6ST9j-gpqz8D5r69ekN4vOPR_iX1-0SHJc...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_HJG66vP2Q7-rmjnaWLBUHr0pXL-kPFxwxCkcvof-Eij7icK6ST9j-gpqz8D5r69ekN4vOPR_iX1-0SHJchHRV140__Yy_

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_HJG66vP2Q7-rmjnaWLBUHr0pXL-kPFxwxCkcvof-Eij7icK6ST9j-gpqz8D5r69ekN4vOPR_iX1-0SHJchHRV140__Yy_

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Oct 2022 15:55:56 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_HJG66vP2Q7-rmjnaWLBUHr0pXL-kPFxwxCkcvof-Eij7icK6ST9j-gpqz8D5r69ekN4vOPR_iX1-0SHJchHRV140__Yy_
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: PolSSyzeFOOT3X7otXb568-HDjCgNL5wl8xBh3ilRZw0h7cMU0DJYQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38D3
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFDVzG7T7FD2ELjn7gp0gLo&google_cver=1&google_push=AZmPxg-6vNGGL_gm5Ltwg_nevQGRaAJjwN3s8fMa5-Lzs6n5fojE2aMgGcvW_-KoChUyOgR2KX16DQEKAxEd...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-6vNGGL_gm5Ltwg_nevQGRaAJjwN3s8fMa5-Lzs6n5fojE2aMgGcvW_-KoChUyOgR2KX16DQEKAxEdTH2tFTAScGQYLjEd

170 B
188 B

27ms
27ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-6vNGGL_gm5Ltwg_nevQGRaAJjwN3s8fMa5-Lzs6n5fojE2aMgGcvW_-KoChUyOgR2KX16DQEKAxEdTH2tFTAScGQYLjEd

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-6vNGGL_gm5Ltwg_nevQGRaAJjwN3s8fMa5-Lzs6n5fojE2aMgGcvW_-KoChUyOgR2KX16DQEKAxEdTH2tFTAScGQYLjEd
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 38D3
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFDVzG7T7FD2ELjn7gp0gLo&google_cver=1&google_push=AZmPxg_e9miIUyEKUt_ek7RmNsJECrT60la-IbhYAGbIEFF0PSFk3drWKgQBRMTNGetmo-WufXIz76mCuDp...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_e9miIUyEKUt_ek7RmNsJECrT60la-IbhYAGbIEFF0PSFk3drWKgQBRMTNGetmo-WufXIz76mCuDp1i1Ou1yvIfWMF651bKQ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

28ms
28ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 38D3 0
12 B 58ms
23ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeNvB80DAItMjNKogoxnd3HhUaIsJI1vWEzkWmc-Z3Oz3-Y8xUEQTaczflCSE_X0X9q5yFCw

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C2E 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 13:17:57 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11952265205864672055/ Frame 9E58 15 KB
2 KB 67ms
23ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4316c67b4baf0e745e30d86193d9243a0738c1ca9926986c1788a8b161d5cb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2278
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:55:56 GMT
expires: Fri, 27 Oct 2023 15:55:56 GMT
last-modified: Wed, 14 Sep 2022 10:35:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F0D8 0
0 121ms
60ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdQq87K0ye80Brb6xmPAONdkJsyNI-GT5s0UWDOTdHVToiqEXM-lFKgogAis2CaQT6z4ZD9WQ8-zGCYy5YedTZIOZu13K1WDfTcFvMDbjFfA68JnQrYQg585BUcsxJdlcpC_hv6IH-UuZEm_UBjSt6qYyJHhA87FV2va1L25F5dKX0VI90cbU5Z_1tGFBIPUBwLCMinKQBc1hc86I0-d224Q9JZr8xzkJzrQzIP_3Q57LhJaYPE-Dmily0nKRGlhFEJWsYFiyC950t1Xfr_7YRrbGfzZiSLLxIbu5Ag4y2Y9-VY1LGgrskjRlx7rF6yacawbpXNYjBT6YrOJqyGsDnGXW9fsuPjnyS2FT5Un1224lmEKv5uxApyy69fCRvmc0NHE3n2yS34QEwUj46eXZm8rytafnZMqiE_JZ_FHZ-KdhVlqcbgr0EdFfAuYaiXmdd-yq_5Vrh41NvI1voc3Krt7PlB1gh09qXiZXTfhQzk_6JsZmVe1oCs6tYeNUgWGZLomtmWrPaZjhOzp2RNSDxUf4gKcWeLCaLAjYYkXVwnufEcE_GMxtXwrJoxl6QhyGvymYzM4yAcNr4HiEknDOwhyPkZs2DxYfHFhNVN70HCGiSSQ3T8fLsAXBsDbA-eG5NIbzXCMKF_5WePwGGklvGOmePAkDuZ9ztFccTG9bx-FnSlA4v9EGlPXQA7LaWU0e74AEd04AfhQn-B0CWq62FJAjWI5aoiHUvmNSNZhDZb6_f2yb5X1yys0h7JTHvtLohRRVg7zYRloKAmhUl6-HvjnZKfBTooT2_sKP5Sb3Dm4HLt54VIdU6UQk0tVq719oxYGeXKFynITjB4L-DTTt-eX9g-nnTXo5IqoWWBz7MWcyLMdmhsQtjo1v5IStmwsyOTlY1TlUs7XRbtVIUONhPiSex2Igqx5S5td8Gm-MTMdk2zOnngLypB-UKFHCDcalNzGW-fsf3XcvBNj6rmFeCHaNrq8XEWhyxqTHqnDl9lsPEaveDIn2-1F2qTAVwhQ8ijWlt2kYVRI_IqMe0JQSwa3-UJa6FGZAijHldBYfdPHkf9Ckh6nwbGn07iHzHsJFENFTtlRn9z20eqbQywezUSKeZKKNHAt8IZ3adpoN1tjaRl3G9URmQRITwemfAhZA1gUxH8ROhbfwMcpQ-2dgKURn-E1H8IzNR656EqQ6-0gnsSlMHtrCy2JUZWIuA3ZWbW1xFc3vL51mkE1JHuvw1hVEtSP3v4FHzWVLYnzFkXCcRBPv9bc0J4ZGFDP_zE4Wf2u6U2Rxrs9kt&sai=AMfl-YTxr9ZdMO-2aoAVPHYhKtU5FgEqe46utR2gFKCNSpFzzKho20C4rwXBWzvAQibkp8Qj3pRD7tJMeLnv0gxAa9rp-AMs0msy06PuyXTgpIWL176uSl_kBkCoGCVjFVQzWs25Se8zC2mpJ_JhTrETKaokMkEi9nGB1pc&sig=Cg0ArKJSzL7U89Zv4YE1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=161&cbvp=1&cstd=154&cisv=r20221026.27956&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 15:55:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Oct 2022 15:55:56 GMT

GET
H3 200 1661867165592.css
s0.2mdn.net/sadbundle/11952265205864672055/ Frame 9E58 10 KB
3 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11952265205864672055/1661867165592.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a40ebffc77ee93ae3aa2f89a75f13bb7111087ed7567a0818ab365d0ff06499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 13:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2535
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 10:35:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 13:06:20 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9E58 118 KB
40 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 17:25:10 GMT

GET
H3 200 1661867165592.js Show response
s0.2mdn.net/sadbundle/11952265205864672055/ Frame 9E58 34 KB
11 KB 16ms
16ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11952265205864672055/1661867165592.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4989bc93c351231cf57c606028d58c3c35ec23a469cfe4475195db035df17fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11482
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 10:35:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 23:51:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2E 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDFa6DKpaY96_COS6x_APiOCiwAkAAAAAOAHgBAI&bg=!NjWlNXHNAAZPh4lnb4c7ACkAdvg8WujKtw88soIwi_7xvHBFojEJgh2xY42ZRnFE4RQy3QPTyi4bXQIAAABxUgAAAANoAQeZAzAhcNOWjM0uJ7h34GTHIkTdG3Q85hOROAZd2cP5kSiV62j9m5pbddtn9CfkuDomSVEi6tittmTHFfRwWpDxAma14Zz6dA6aXICm_cKgqKYOyxXBM8NPsFmvgOJtU3MFT6QXZbW23WAfIQoPEX1GTxMcu-wlJmNl2tgVqOqqJqoQ0tD9fdnBBfTKBQKUFSM0izqIuRoWWnKjbI1fSMpjZ9AjC9NLoXgzXh4kax0g0qISjpDE6qdCYrxb8ih51pa3i75hYx4JU3OoaPVTk9PvMjqyNVQYikdmS5CoPrl3RCpun38-9uhrwkXWsB_ncVmZCOhziAwIRVXPUSpj4iZBMKYaeCIysj-ec2FBmDzx1LHiZpNGF1O13TVOTlEM12aeecHuFFeXBj-J4mt3h9sytMFo1JKpX8FHAJKi7hY0-Zi-VK3pD1HXZdWsuy1JUcYpBbCwPIXJNh0EHO-kQhOj_j8xuHtseYC0eVUcrjQfHcb30HbiR942-PIYYTEVZXuOjN039ol2mdLI-AqTqUmYY-ydtIW8fZXQd8YyI1Iw-kuTF58tV0i1Qo-AnebYnJ_p4o69gWP7a0U6OSBn66smhrwWkI_BWWO1hQYhxhfTqoJkmkWeQ4-c3D6noFjYKhjrPp2FcF2UxsNSJee559h3Ufl42SNV_sRg5S0fqQyc9LFzyLSKVR2KoSO0YbQiCKiMs2GI49_sGYWH-uW4grETUkNrYwwICx0Zfn1Bmde1vIWsJzGc_tJYte82n7u2vlHb-4Cv8JXYpluCM_FaQFgmgvjObP8J4_p3ja65c8GqH44VFcPxqZOH-3FvoUUL-NhKzWhybk0t40keQV8cSIbdEjsTPPYw-9nSMIfPFTqA8Pngrjmzu2EDWCEByr26uCAOoR5wxqRCQGe7gOlb0xA42PFCQvIb6XgqKIbEpARCOKs22ZaKyiraRQBbExp2sj7BbHMthrdjMOxvGjUriQ44jzcYwrJMO8sRTfC8OEStf05QI-XEArY-gr7Wcw48EJVuHRxJ_8_U3LCcp3yzY1FNqbIH-n4e_BvgeMRlD34ZfeoCeIcr2AhlN7fQGZI8WPmtEgA

Requested by

Host: 6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
URL: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/11952265205864672055/ Frame 9E58 5 KB
2 KB 15ms
15ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11952265205864672055/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952265205864672055/1661867165592.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2001a471069a1835710b3e8881cd76cd26c74fc1ba09474f2e5d70e41517a539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11952265205864672055/1661867165592.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1628
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 10:35:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 18:22:33 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F0D8 0
0 85ms
53ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdQq87K0ye80Brb6xmPAONdkJsyNI-GT5s0UWDOTdHVToiqEXM-lFKgogAis2CaQT6z4ZD9WQ8-zGCYy5YedTZIOZu13K1WDfTcFvMDbjFfA68JnQrYQg585BUcsxJdlcpC_hv6IH-UuZEm_UBjSt6qYyJHhA87FV2va1L25F5dKX0VI90cbU5Z_1tGFBIPUBwLCMinKQBc1hc86I0-d224Q9JZr8xzkJzrQzIP_3Q57LhJaYPE-Dmily0nKRGlhFEJWsYFiyC950t1Xfr_7YRrbGfzZiSLLxIbu5Ag4y2Y9-VY1LGgrskjRlx7rF6yacawbpXNYjBT6YrOJqyGsDnGXW9fsuPjnyS2FT5Un1224lmEKv5uxApyy69fCRvmc0NHE3n2yS34QEwUj46eXZm8rytafnZMqiE_JZ_FHZ-KdhVlqcbgr0EdFfAuYaiXmdd-yq_5Vrh41NvI1voc3Krt7PlB1gh09qXiZXTfhQzk_6JsZmVe1oCs6tYeNUgWGZLomtmWrPaZjhOzp2RNSDxUf4gKcWeLCaLAjYYkXVwnufEcE_GMxtXwrJoxl6QhyGvymYzM4yAcNr4HiEknDOwhyPkZs2DxYfHFhNVN70HCGiSSQ3T8fLsAXBsDbA-eG5NIbzXCMKF_5WePwGGklvGOmePAkDuZ9ztFccTG9bx-FnSlA4v9EGlPXQA7LaWU0e74AEd04AfhQn-B0CWq62FJAjWI5aoiHUvmNSNZhDZb6_f2yb5X1yys0h7JTHvtLohRRVg7zYRloKAmhUl6-HvjnZKfBTooT2_sKP5Sb3Dm4HLt54VIdU6UQk0tVq719oxYGeXKFynITjB4L-DTTt-eX9g-nnTXo5IqoWWBz7MWcyLMdmhsQtjo1v5IStmwsyOTlY1TlUs7XRbtVIUONhPiSex2Igqx5S5td8Gm-MTMdk2zOnngLypB-UKFHCDcalNzGW-fsf3XcvBNj6rmFeCHaNrq8XEWhyxqTHqnDl9lsPEaveDIn2-1F2qTAVwhQ8ijWlt2kYVRI_IqMe0JQSwa3-UJa6FGZAijHldBYfdPHkf9Ckh6nwbGn07iHzHsJFENFTtlRn9z20eqbQywezUSKeZKKNHAt8IZ3adpoN1tjaRl3G9URmQRITwemfAhZA1gUxH8ROhbfwMcpQ-2dgKURn-E1H8IzNR656EqQ6-0gnsSlMHtrCy2JUZWIuA3ZWbW1xFc3vL51mkE1JHuvw1hVEtSP3v4FHzWVLYnzFkXCcRBPv9bc0J4ZGFDP_zE4Wf2u6U2Rxrs9kt&sai=AMfl-YTxr9ZdMO-2aoAVPHYhKtU5FgEqe46utR2gFKCNSpFzzKho20C4rwXBWzvAQibkp8Qj3pRD7tJMeLnv0gxAa9rp-AMs0msy06PuyXTgpIWL176uSl_kBkCoGCVjFVQzWs25Se8zC2mpJ_JhTrETKaokMkEi9nGB1pc&sig=Cg0ArKJSzL7U89Zv4YE1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=299&vt=11&dtpt=138&dett=3&cstd=154&cisv=r20221026.27956&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: noticias.r7.com
URL: https://noticias.r7.com/eleicoes-2022/bolsonaro-tem-512-dos-votos-validos-diz-pesquisa-16102022?amp=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Oct 2022 15:55:56 GMT

GET
DATA 200
OK truncated
/ Frame F5FA 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df4c6b8a6de4d4a17ed064758e19cc3cf8ec1dc8b38f4a44475af7690662fffc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F5FA 15 KB
11 KB 61ms
30ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731fad91d73e265bb0bbe8ff4109b926aa033b934c7587a995cc0edc57481038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F5FA 0
0 52ms
52ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0DfOKFWGjeoo33l2NzeiRqqGQmIhoJijbmgKoSBQOEwB4XmKUjuYJMwA6MS-zfOxdr8x4J-i7w_tdSjrKwJw151s4WguXSVFswj_uRtMx82FKXskMzkUbBDkdxp8s-erEICKQM8RslnTEe2CmWr44lvnu3Oo-ewEXWw1KXnwdkC_KM3LRY1khmGIViUPobmDGvAeJwndRlExGMkzFu4kshVeq6EWMgh9fcU3BHjbED7M5wZ2Ckn7315lVhOhM2BiJj8EIPfPgylLiuIgOkUDP1s7anvmaxMYGjf0A48-eTK-ctwjVZGKS2UaA1GVXIRk7OqK_D2RZdbPl&sai=AMfl-YRq2xL7V7zN5D9dE9iVsJNlBxzPFvWrlkRF8hjkFZIbnMTtYlO7YZX2CTaDfna_P_fCuAK3-tu1DzVOPYmHTQ&sig=Cg0ArKJSzI3qma9rE4iuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Oct 2022 15:55:56 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 9E58 13 KB
6 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952265205864672055/1661867165592.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 12:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 12:05:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9E58 7 KB
6 KB 28ms
27ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

875991033cbd96f527ba7700d19c544bac85cc2ddd90489fb6d35a10906b8bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5779
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F5FA 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 15:55:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B660 0
0 53ms
52ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102501&jk=2327383789990905&bg=!vL-lv_vNAAZPh4lnb4c7ACkAdvg8WsrqnKpxFv7ULWFVeOLHavt_uo0La6IQc1dl_bepRwryLD57WAIAAAB1UgAAAAJoAQcKAJnOjYvcdGx5Tcw0i9pykJFcUJ5X3rTz0-zHQYFMORYCQ9kkCX68l2t3wB8L7qREd2hKDiUJh0hhVjXpxdPuV7-nTmnLObsXAn_gFiUX-zYCltPXMYFgpJLURW7GMdQdmul6SavB_Epc9GyzbvXBnWgaVQHhuA5RO_lVzXiVwmb6dXVI3tS2oVSjOvdOw0FkmuPem-m8M3fgdbuZAs0oQLsQc5P56k9LdCm4_kTcPHmC73sn2LT561jjohv6VJY-1FMvTaS41H2ep28024xpEC4sw-uUk7k_l-1EzSHbQBGB0tMH9Tb7Vb81DxHlA0VjnRqU5c2kDSd1swlwbXVNzzEYzBGCJgqJkg1Sx3opEppL6j0vmgzC6lo-S_s1Lb4GCzPXVylxvCGLvkJPUN1FvO0i74UoE391bloRLlMSQPX6TxxvHGXJ7iuU33fQSQ_hPXBG-vcY_FzKIVcC6haN89tq1B9lyVrSvybxrtOrNu0Aj4baArtX3XXBzdK1kSsACiXUmPChnGczCF6hVtZxyyRv2uX0JaojuL5rtvLjSwwTLbmsHQXdxNWn1ZBKHv0IO-rX75jFda_DuS4JuN76chGGxmsFrgZ8F3Fg1LuluP0D92lcqahRpQ0nmI-jNQ5EOr5v1GcAQuW01uvH9OllcF5Xp26V0J6hqz5Q2CPNGrquX5SkbZGxw_Wxs-dlpaCLPyfAwQCrrIo46SaYcP_cJSiiQkjzqyYGFUiPoCqOCqhvfrbc2IiwfSsDIjebsuWakUVDkCGMDnE5NgQeadU4yhkgqqj4jzWLXtBNpJBH1ymNEK0k90XzeIVOoAGZBKxaj90v1IDQYvXCWQ933EzR81DpEU7bXUl3ELsF4CjSiUbOsE9wIKtDG5xcHe1fJJE7jwmkFrkmJuyoEzNd0mFfk7ldE4btc2BYXiQ84x_46q_Dbu0AeN3SnB4y2APCZnUJ3DrjysL0l5BHjp9Izrjj3UHZGVsF1fzpHblYF7uyrAowcVL6P6pmt_9KbawI4_DEP0fycTa52DY3K1TWkTmjOVVGiZpH5c98l_9dO_z1qURtIWi_vM0x-aNFNO_BbUHuyktzMbISoorecpIg1Ze4-jFWA8LQxHj5R1expkpqIxlTu76vUB_AEqEd4qkzsU_fGyJ_WlFozv-2ADQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9E58 17 KB
6 KB 136ms
136ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 15:55:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B59D 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 455
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:48:21 GMT
expires: Fri, 27 Oct 2023 15:48:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B71A 783 B
533 B 27ms
26ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27cae7a3657166369cc18e7fefb5a54129c12a0113a9730229cb306dc968e6d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2RSF6E-i2_Eam2RvaovmhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-2RSF6E-i2_Eam2RvaovmhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:55:56 GMT
expires: Thu, 27 Oct 2022 15:55:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 9E58 98 KB
98 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952265205864672055/1661867165592.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11952265205864672055/1661867165592.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:42:56 GMT
x-content-type-options: nosniff
age: 780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 15:57:56 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 9E58 57 KB
57 KB 17ms
17ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952265205864672055/1661867165592.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11952265205864672055/1661867165592.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:47:12 GMT
x-content-type-options: nosniff
age: 524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 16:02:12 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame B59D 36 KB
16 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 13:17:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B71A 0
0 50ms
50ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102401&jk=979064342085493&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 s18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png
s0.2mdn.net/4528404/ Frame 9E58 9 KB
9 KB 16ms
15ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/s18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856a0857f715b920260cbb1b2e3dfe5554d187824a8a449dcde41238c4ac60ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 16:07:59 GMT
x-content-type-options: nosniff
age: 85677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8746
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 16:07:59 GMT

GET
H3 200 s5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 9E58 7 KB
7 KB 17ms
16ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/s5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c427347c1169056d1f996b1a93c41e7711f2d48a0b636c5c4c89afb5079cb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:48:48 GMT
x-content-type-options: nosniff
age: 25628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 08:48:48 GMT

GET
H3 200 s18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png
s0.2mdn.net/4528404/ Frame 9E58 9 KB
9 KB 15ms
15ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/s18gb-tacho_fairflat9991d849-ba8e-45c7-82a1-eaa84a1b997b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856a0857f715b920260cbb1b2e3dfe5554d187824a8a449dcde41238c4ac60ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 16:07:59 GMT
x-content-type-options: nosniff
age: 85677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8746
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 16:07:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B59D 0
10 B 15ms
14ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?x522Bw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8767 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 13:17:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F5FA 0
0 53ms
52ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102401&jk=979064342085493&bg=!CgmlCU3NAAZPh4lnb4c7ACkAdvg8WkSlOzvvLeAK8P_X2z-Uo2ZK81PpDfAHfS-uc1hOjHnPlV35tAIAAABjUgAAAAdoAQcKALWrwgp9bqoZPBZ-G5ly12JO4CG_6I18nRzaU7DE7MYzbJrM65foPIKSV-9sPzV-XcWs97I97_tC_ZVnF73QVXro4JH0Q86PH2m149wELeVgRPia3LRYfPTHMluSKV9koNTKzgOqW5P9fr-keO7a1NVes-5WQK0RoNkUjILDUw3iqKrjPoNyz8gYu1_Xl6WLFEuWVG-x9puj3msJQIdBEfuayp44w1Z8v2QTlYzPv7Y31UYz_G4nmQLlQRr6weu97-bUG2VVLLqwWpCP0LdUbTRAepqn2FOU_RFHyJLnR2wycMuxFxDPX_ibD-25gbXNPQ6GP3X6HYu38SO_l89NYzzUoiHdY-6FbiHA02Fjry9wGeRyaDaJA92sNqfVbma1kvJucI3x4kf7PfMliMN1rA0WxB6d8sSbW_xbXyOvxrucW9DUjusgO_1y79peu9sYpZ6ktMV5BwzhxjRyCwhORuyzC6oLJ6vbEyMpE0JR23XI2KXxuekv0FhxvUd8kbqbiwCTlPrZC-p9yodXUDOY1EMwzpC_vKWQPJ9ap-YHrrFjnew5Jli-Sb6dn8UlQkGZ_bqeUBioT9SeDOkqSx1hvrsWexnMLr0wHHA3MRDqf207hUMAtuX3h294py5T7RlpCsmGm0ushFGezqa4vYu0ckFWLxgDpXg0IiqJa8TLuRR1pS23H5Vxu-zHFh1WTM0809qhC0sYua8giIwqYUOa9S5gJhQhzAQ9uPUVzKQsRXusk3_cC5edSefjcQVoPL3u0gG-BIDxM1dIVQiYGjWRCzcLbjFVE5C1fYHy6LXNdCpUA16E3ObtFV2Typqu6lJwoktTbA-hp8L_gGUcb3RiCX5z1plaGb52gQDuPUvuv7MBa_jQ_xRfQJipduyGWGSbM6sCc0wMIu5AzffrgJ_8_l81xBIOBLs1eK6_iyxBYgGRraH7xJXHEY_luMLVt7gHswqhjQUveAD-yrixPF649gRtGbg8R20mO9_35lDr-hApSvDqHT8fRAdOzGELnJA1yzKtfMwJEzD8kxWsSd83h9O8nuU938wWyzQOSCkN-tBuatXYrJ5nYKegedZfzL-Nz8kmCW5btN39taiiLjLp1DD6gVfJR3CLcnL1sf1j81vZAFeH9Qr-gIDSm4e_XOsW6JMQ37pS9yK52fHq4MVv7_Mlt4TpBKVlCEo11rC8jMW2DQpJrGVNQ3vEHUE5wSofJRbJOq3vNxftGYCy-bBF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ Frame B660 87 KB
28 KB 91ms
33ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Oct 2022 15:55:57 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F5FA 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskvmUBlb9NvAi2cYPvQZdV-gBj28Lw1rUgvlMTVmMnW5YeOgzDPRJJGqfLFvugnGjIMr8UqPkSbboz0vjJpIoaGlOXRYu_Ov4A5pLPnf2yU9F5FzeE&sig=Cg0ArKJSzD661pofOXQPEAE&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221026&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2776864775&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666886155540&rpt=996&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F0D8 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuU3ZdQof3SxNCeXXna67DuvVORwMBEEaewCs0Yi3ZZFHzLrNXGM7iCrMXgCVjYZFddhMVonpSasWhFXEgQ5pXCyScu_nje-54BWC2SiwxqVclRiTQ-ypdDKgpGFU62j51CCtGoqQ&sai=AMfl-YSsN5SQ4NM3x-S-_cK3MqF_JR5P0Dnzx9C7EyIOvGG4XckOicjr_6cCJumd-zov4_Guitug1TOCnBh0ogAHuW9nutLtv7_LP4ohqw&sig=Cg0ArKJSzLDKvaBnVZ1EEAE&cid=CAASEuRosSJz4lOanKFizRVsNdanWg&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221026&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2409650377&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666886156038&rpt=515&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1BE8 15 KB
6 KB 75ms
25ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=noticias.r7.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://audio8.audima.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 15:55:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 691534
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame B660 89 KB
29 KB 116ms
59ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Oct 2022 15:55:57 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1BE8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=audio8.audima.co&sn=ChromeSyncframe&so=0&topUrl=noticias.r7.com&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=DQ4oa3xibjJzZ0llSVZJeENZSEE2YlJNczFFNDUwa0d1cC8ySXNnQVNaZ1VTZ3VwSzRhVjdySEVSa1pGTUdybER2aFdUV1M3MVY1ZUtMRUpuQ0p1Umhib2lVOEdxSjBORytHQUM4M1N5Z0VwaEZ2dEVuLzBkalhmMVpGUF...

430 B
655 B

479ms
25ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=DQ4oa3xibjJzZ0llSVZJeENZSEE2YlJNczFFNDUwa0d1cC8ySXNnQVNaZ1VTZ3VwSzRhVjdySEVSa1pGTUdybER2aFdUV1M3MVY1ZUtMRUpuQ0p1Umhib2lVOEdxSjBORytHQUM4M1N5Z0VwaEZ2dEVuLzBkalhmMVpGUFBPdGdaTytFOVBTRktCeGs5bTJJVTlLenNQdk13T3hlRDY4cSt2Mm9wdXpQYUhVSTNJYmpKNTR1WktzZytrVE5xUEVyY1RpSitWWE1rcTBNdFpOOVFtcDltcm4xL1lQVVYyeTYyeTBIaHREcXUwQ1hka1dwNUd4NmtZa3RjZjhOV3krSEs2U2k2YkZIM2VZZ2hvTzBIbFRHRGxxaURidE1xYVBrc3BSaXZlR1JlVHRRQ05sVT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5ce9636f798371116661652f7ac87c8a3edc7125a82bd6011392ddac04f6db1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2410646
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=DQ4oa3xibjJzZ0llSVZJeENZSEE2YlJNczFFNDUwa0d1cC8ySXNnQVNaZ1VTZ3VwSzRhVjdySEVSa1pGTUdybER2aFdUV1M3MVY1ZUtMRUpuQ0p1Umhib2lVOEdxSjBORytHQUM4M1N5Z0VwaEZ2dEVuLzBkalhmMVpGUFBPdGdaTytFOVBTRktCeGs5bTJJVTlLenNQdk13T3hlRDY4cSt2Mm9wdXpQYUhVSTNJYmpKNTR1WktzZytrVE5xUEVyY1RpSitWWE1rcTBNdFpOOVFtcDltcm4xL1lQVVYyeTYyeTBIaHREcXUwQ1hka1dwNUd4NmtZa3RjZjhOV3krSEs2U2k2YkZIM2VZZ2hvTzBIbFRHRGxxaURidE1xYVBrc3BSaXZlR1JlVHRRQ05sVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 767872
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame B660
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnoticias.r7.com%2F&domain=audio8.audima.co&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=eRa99nw3VkpMMk1PLzdKTTZiRC9NUGx4cWdSMUJ2NDcrSFpybjkzS1NZL2xTVVpZM1Qya2hFNmgzNmIvSk9LaVR5b2s4cWFUUXlLam1SZGtMMWo5RVFadkh6VG5MSWl5dENnNlRNSVF3Q21FUThaWGRqb200b1NLRmFNTz...

426 B
699 B

26ms
26ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=eRa99nw3VkpMMk1PLzdKTTZiRC9NUGx4cWdSMUJ2NDcrSFpybjkzS1NZL2xTVVpZM1Qya2hFNmgzNmIvSk9LaVR5b2s4cWFUUXlLam1SZGtMMWo5RVFadkh6VG5MSWl5dENnNlRNSVF3Q21FUThaWGRqb200b1NLRmFNTzVTWTQ1OHdoY2NlQzhITmwyV0dtWmVmZHJ5dittdVdPajBPaEY4Y0ExNjNPMXlXbmFmY2VvTE1VSERRYXg3WG1WS25GZjk4TElPOTNid2M3dUhVZnBpQ3RJeGVaZ2ZsM2xEMkQvRDJQRDYySyttY3RDWDJGQXJVVTBhcERTS1dzK0k4TVdxenBzMk1QUjZkTm9hbldkKzV0VTdlc2N5QXpLaXdLTk1GMWd3Y1ZOT2YzUHMrND18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aad0388fdd4a9df0720cff86946f7d3327799cc5af993b49ccd1666183674a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio8.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1870467
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=eRa99nw3VkpMMk1PLzdKTTZiRC9NUGx4cWdSMUJ2NDcrSFpybjkzS1NZL2xTVVpZM1Qya2hFNmgzNmIvSk9LaVR5b2s4cWFUUXlLam1SZGtMMWo5RVFadkh6VG5MSWl5dENnNlRNSVF3Q21FUThaWGRqb200b1NLRmFNTzVTWTQ1OHdoY2NlQzhITmwyV0dtWmVmZHJ5dittdVdPajBPaEY4Y0ExNjNPMXlXbmFmY2VvTE1VSERRYXg3WG1WS25GZjk4TElPOTNid2M3dUhVZnBpQ3RJeGVaZ2ZsM2xEMkQvRDJQRDYySyttY3RDWDJGQXJVVTBhcERTS1dzK0k4TVdxenBzMk1QUjZkTm9hbldkKzV0VTdlc2N5QXpLaXdLTk1GMWd3Y1ZOT2YzUHMrND18&cppv=2
access-control-allow-origin: https://audio8.audima.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 712932
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 73ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnoticias.r7.com%2F&domain=audio8.audima.co&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://audio8.audima.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://audio8.audima.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 27 Oct 2022 15:55:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 440796
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8179 281 B
554 B 79ms
23ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://audio8.audima.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Oct 2022 15:55:58 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5A6B 52 KB
17 KB 337ms
262ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://audio8.audima.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 35716
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 27 Oct 2022 15:55:59 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 19 Oct 2022 04:28:54 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 10, 420662
X-Served-By: cache-lga13626-LGA, cache-hhn4045-HHN
X-Timer: S1666886159.016150,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8179 32 KB
10 KB 23ms
22ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 15:55:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14606
Connection: keep-alive
Content-Length: 9454
Expires: Thu, 27 Oct 2022 19:59:24 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 71ms
23ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 27 Oct 2022 15:55:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 574417
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8179
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dpgy4JIBR1WXaiR_aWgDzA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dpgy4JIBR1WXaiR_aWgDzA

43 B
479 B

110ms
110ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dpgy4JIBR1WXaiR_aWgDzA

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JTRFY33SGWFJVPS81GBR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dpgy4JIBR1WXaiR_aWgDzA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 8179
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9R8Z973-22-A648

0
651 B

120ms
119ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9R8Z973-22-A648
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:58 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8497FD6D8A2E408B9024CB5E61F6BC3D Ref B: FRAEDGE1214 Ref C: 2022-10-27T15:55:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXsBi1kFwhhcFsbrAAifQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9R8Z973-22-A648
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8179
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDJGWeLkV2iId7iaTfuv4Jg&google_cver=1

0
239 B

105ms
17ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDJGWeLkV2iId7iaTfuv4Jg&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDJGWeLkV2iId7iaTfuv4Jg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 8179 70 B
265 B 125ms
40ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Oct 2022 15:55:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8179
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/l6ohZwlPI4u8B8rdrFQMDMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8129461901590456320

0
239 B

18ms
18ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8129461901590456320
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 27 Oct 2022 15:55:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8129461901590456320
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8179
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=l7RXhpG-Tn-_EvMkTrzU8g&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=l7RXhpG-Tn-_EvMkTrzU8g

43 B
479 B

44ms
44ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=l7RXhpG-Tn-_EvMkTrzU8g

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KY01G9H9Z72HSEXR0FJ8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=l7RXhpG-Tn-_EvMkTrzU8g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8179
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjIwMDViZTViZWQ4M2U4ZjM0NzcwYmQ3OWExOGFiOTBkNGIwOWU3YQ

170 B
188 B

25ms
24ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjIwMDViZTViZWQ4M2U4ZjM0NzcwYmQ3OWExOGFiOTBkNGIwOWU3YQ

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjIwMDViZTViZWQ4M2U4ZjM0NzcwYmQ3OWExOGFiOTBkNGIwOWU3YQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8179
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSOFo5NzMtMjItQTY0OA==

170 B
188 B

26ms
26ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSOFo5NzMtMjItQTY0OA==

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSOFo5NzMtMjItQTY0OA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5A6B 0
743 B 17ms
16ms Script
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:55:59 GMT
AN-X-Request-Uuid: 8391aa83-5769-4fcf-9a9f-acc2016d141c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 9E58 7 KB
7 KB 15ms
15ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/s5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c427347c1169056d1f996b1a93c41e7711f2d48a0b636c5c4c89afb5079cb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11952265205864672055/index.html?e=69&leftOffset=0&topOffset=0&c=6WhksLAajy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:48:48 GMT
x-content-type-options: nosniff
age: 25631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 08:48:48 GMT

GET
H2 200 dc_oe=ChMI3vXe6eKA-wIVZN0RCB0IsAiYEAAYACC63uxKQhMItuvI6eKA-wIVREcdCR3waQiw;stragg=1;&timestamp=1666886159738;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame F0D8 42 B
494 B 151ms
53ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3vXe6eKA-wIVZN0RCB0IsAiYEAAYACC63uxKQhMItuvI6eKA-wIVREcdCR3waQiw;stragg=1;&timestamp=1666886159738;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:55:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5A6B 0
743 B 16ms
15ms Script
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 15:56:00 GMT
AN-X-Request-Uuid: 0ab0e463-e933-4a44-8ce9-9e24f5b1db47
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.r7.com/	1970-01-20 15:47:02	Name: _ga Value: amp-u8_BU0DUL8Yq-B8ZF_xrqQ
.r7.com/	1970-01-20 15:47:02	Name: comScore Value: amp-rNSpxOBryd208WpEf2Hs4g
.doubleclick.net/	1970-01-20 16:23:02	Name: IDE Value: AHWqTUlaqXtfnsUXUMeXk0YHXs-ySmxyD8gG3AMM9en81b36-SvO5iCL55rNlEzX784
.rubiconproject.com/	1970-01-20 15:47:02	Name: khaos Value: L9R8Z973-22-A648
.rubiconproject.com/	1970-01-20 15:47:02	Name: audit Value: 1\|hLZGFuTafB2q1F6i4ZDK02WQ0NNjmqbPd94gXYLevqJVEPWV8b2hcWqlHy2FZh2JKjx8YwfcUNJpWhiizsz30cxuhZpbWKLtpfIg8qJwCGw=
.doubleclick.net/	1970-01-20 07:01:27	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 09:11:02	Name: uuid2 Value: 2897030863545707094
.adnxs.com/	1970-01-20 09:11:02	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$IeVZU!]tbPl1M>e)ZlrFUfJ+tGXxoyYU<nOMwN#N:Y[eQV<`iID^j^yaRsO.A3uS+bpRzqF1`b_4N*.tVj
.quantserve.com/	1970-01-20 09:11:02	Name: d Value: EAgBCQG3J4EA
.quantserve.com/	1970-01-20 16:31:40	Name: mc Value: 635aaa0c-524b2-c60ef-ff9c4
.adform.net/	1970-01-20 07:46:04	Name: C Value: 1
.ctnsnet.com/	1970-01-20 15:47:02	Name: cid_5a3ec225276f403a99e4078d50c7116f Value: 1
.ctnsnet.com/	1970-01-20 15:47:02	Name: gid_CAESELDRLl9AqI0p_Z9cTBLBXr0 Value: 1
.adform.net/	1970-01-20 08:27:50	Name: uid Value: 3782979434079452647
.casalemedia.com/	1970-01-20 15:47:02	Name: CMID Value: Y1qqDDaq-7Ldp2rRA5qWIAAA
.casalemedia.com/	1970-01-20 09:11:02	Name: CMPS Value: 2156
.casalemedia.com/	1970-01-20 09:11:02	Name: CMPRO Value: 2156
.criteo.com/	1970-01-20 16:23:02	Name: uid Value: b369c0d6-2f77-4df9-a086-bfd963537cd7
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:47:02	Name: bcookie Value: "v=2&8c0bc4f0-f308-4874-86ca-a73c76201cc9"
.linkedin.com/	1970-01-20 11:20:38	Name: li_gc Value: MTswOzE2NjY4ODYxNTk7MjswMjHSOwY7JAsvvgzg8L0VfR+nuHP+9j4o0y4eZe7lEMIjKg==
.linkedin.com/	1970-01-20 07:02:52	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2417:u=1:x=1:i=1666886159:t=1666972559:v=2:sig=AQGRE6G_1fPBQ-x-TAWK-nwug-P-QKYD"
.yahoo.com/	1970-01-20 15:47:23	Name: A3 Value: d=AQABBA-qWmMCEDWJ5RJU-5sn531RN8OoUKgFEgEBAQH7W2NkYwAAAAAA_eMAAA&S=AQAAAs5wYFeUAjcbUgAa8hf0aUk
.amazon-adsystem.com/	1970-01-20 12:57:06	Name: ad-id Value: A3XUuCaCPU0fi7t8FUPluS8
.amazon-adsystem.com/	1970-01-20 16:37:26	Name: ad-privacy Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pkioshima-recordtv.github.io/dfp_adunitDiv_multisize/300x600.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1c08853c21dee366485d74cc44d6bc4a.safeframe.googlesyndication.com
3p.ampproject.net
6650b2f250d16f26bfa1c30c92e85771.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.r7.com
audima.co
audio8.audima.co
bidder.criteo.com
c1.adform.net
c3.taboola.com
c63f9271d165e2f1430fc1e288fcc915.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d-1225005938571827334.ampproject.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
img.r7.com
lnkd.in
match.adsrvr.org
mug.criteo.com
noticias.r7.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pkioshima-recordtv.github.io
pr-bh.ybp.yahoo.com
publyads.jstag.space
px.ads.linkedin.com
r7-dp6.rj.r.appspot.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
13.107.42.14
13.32.99.90
142.250.185.66
151.101.1.108
151.101.1.44
172.217.18.2
178.250.2.146
185.80.39.216
23.205.235.133
23.35.229.56
2600:9000:224a:6a00:1b:5138:8a40:93a1
2602:803:c004:200::143
2606:4700:3035::6815:193e
2606:4700::6811:180e
2606:4700:e6::ac40:c620
2606:50c0:8000::153
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:827::2014
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9c
2a02:2638:1::1a
2a02:2638:1::3
2a02:2638::1c
2a05:d018:d29:3605:ca6f:e9b9:9a27:46cf
35.186.193.173
35.71.131.137
37.157.2.237
37.252.173.62
51.89.9.252
52.46.143.56
52.95.122.74
66.155.71.25
69.173.144.139
69.173.144.165
88.221.168.50
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
066103c0c05ccda0cbd344d96ccdfd3dc24b9ae570ed257618eae925f663504f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca8f3308359cce49ec0669121162fa66b54a51e518b88996324314e1e656735
0d15e9f643566a563cb466e4e01f2ac349c5c1619d7cd26ed70f45e6b5cfdab0
0d36546c3e8be26641a6c78b2486c21c8dbb4aded41b7a71a3d80d5cacc86970
1015b52f3adc6a317d7cb0d123b45eb32ef3cc33289e122d7b31fd04dcaa1398
11f4e1c70ee07415781060cf1340d79ca49e73218eb6809d3f6f86693f761378
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147f479b249a8d8d91689574ed000b6fcd493095613691206b0a3dbb7515361a
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1a3c0d62ac94f0650f4eddbc408188b6e4f2db2bc99cda229006d3e5bae737ef
1bb625bbfc513e41e26b4b827bcdefb362107eba4c22afd8e4766e30b058373f
1c4cfb70c60a7a209643da25dfeb58918ba537b3c830d4b942e29ce78c9199bd
1cf28313a7fab90b33c3369b191c18a0eea60415d9546d76f080a69996ddc8fc
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
2001a471069a1835710b3e8881cd76cd26c74fc1ba09474f2e5d70e41517a539
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
27cae7a3657166369cc18e7fefb5a54129c12a0113a9730229cb306dc968e6d9
282d748e297291ae1c2d1d3109a02ce829f917e34f29dedbd9d74ecc3333445c
2b88d4fad579a92c21fdf067edfd9f8a1eba2002907856b729ced5b5e3af9789
2fe9cd4c1685f258633fe49e92538c0fa5866235aed94b7903ad2ebb8670815c
307921aa22495c2ed44adca72527d6d8b8259b0eee51bf7171eb184f75a234e6
38207a30631e8764ab5a22abb356ba4a4e4a2cc5883356eefd31202815c1872d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400a40463fe43a3a619a314e6fe85d9033af590c7011adf41887530e9680f519
41164ecc4643a94f1881912ddca649032a58a93bce844370c8e6369dbf246d7d
41bda8144b864ca926422619eec9fd80bf8cca61576be61b32581a37a75d0693
4316c67b4baf0e745e30d86193d9243a0738c1ca9926986c1788a8b161d5cb5d
484666ea0d20a9381585aa3af97c437c152557b4b17538674f1c27fdbef0e7e6
4989bc93c351231cf57c606028d58c3c35ec23a469cfe4475195db035df17fd0
4ad12268da77c77a50ec33f5771a9ef64d33d53335c03a23b3d459be4544b5c2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce4c133af7a3640330955596956b91da16c0395c22ab5a2afb79d8cb2d31557
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52d9bec8fed03a373938b5e47a32f902bfacd858bc03ceaf9baaa0d01438795d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569688eb0d705cbc594af04a34f8394fe9960ea5f15cd6010bf856474adc14e0
574e606dd328ee0151b17115729313e90da8ef190d298d1ec736c6c4b731b99c
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5c427347c1169056d1f996b1a93c41e7711f2d48a0b636c5c4c89afb5079cb6d
5ce9636f798371116661652f7ac87c8a3edc7125a82bd6011392ddac04f6db1f
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b913d6f06cebe5484a2bf0de91fa809e331c5b4c7885a8bb67e971f1be57c48
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
70e66891c0d02108d0f7f93e6943381865a8d322dfb1a04e49621190c5465518
731fad91d73e265bb0bbe8ff4109b926aa033b934c7587a995cc0edc57481038
74cbbf9e1c109d5ddc444aa022b423392b67e5470f6994a0f7b5fe34805eb28e
793277af21228039ab8e8ac08a32842fc3f94db4873695ad173b707bb1597a54
79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0
7bc64bd757699fdaa5f3bfe214ee5a29575f3f39a13653c1876e2d295a2cc215
7e5cb8f6d99d577dcd70dc2f1fee6fa847a16b5f36c5d20cb9dd55e2de2e75b8
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
856a0857f715b920260cbb1b2e3dfe5554d187824a8a449dcde41238c4ac60ed
875991033cbd96f527ba7700d19c544bac85cc2ddd90489fb6d35a10906b8bf2
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fe50ea73fd12cde68729c670d9dc544f0182fba8bdc188c8b900c2c5bfeed6a
91bbb60ad70d111f3c6a7c95189b395e8245ea4e3a8dd0e52839c82e0d2931eb
928a02d4975285b6175eeb4aaa3dc4a141bb0dea4886de5a5ae5d6b286f0cc43
954581c979b209cb6812bd2b086fbc8f3bebc7f64d143c2cac8a1bc22ffb887d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a40ebffc77ee93ae3aa2f89a75f13bb7111087ed7567a0818ab365d0ff06499
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e99d38d859962273792f13f1506761d92eb652775ca256af34ff6a64eacd3bf
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17729c9105d967bed5d5d756cd73d2fe7ce84c9444e560e76e4190d0e8b6ca8
a355a5ffc6d879bb3d56bbc77d2dcbd79151b9a411d4090f3119ecd0cf4cae85
a4309265903052524638da5af6d5447080aa47a72e9591a63f02c407f2b6c0be
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9b53e109c7232f3045fe2df204525df9a166743f8fc0b9285bca0c227168413
aad0388fdd4a9df0720cff86946f7d3327799cc5af993b49ccd1666183674a70
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
ad2d94bc9242f8bc340a18b57e4515ba7726222cccff509b140254060744915e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cd247b5b6412f4a83d6be7f1addf05635b26635e6a6ffb3db69b95fe940c4917
ce655611013225d94b44591cdf45d921dc4685ac4fca441950fe4e215748a957
d225d3094c0bfae075ef08b2d41137c1aba0002573d53a0b7c03d32b9dee8b66
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
d9c651ae285c3b2a975d260325d7f3502e19117de76cb676d21e36d8cee551e9
de0217c34c0122c41df6069c40727a6b3c518a6c713bf33c0a560c1c6bdc21db
df4c6b8a6de4d4a17ed064758e19cc3cf8ec1dc8b38f4a44475af7690662fffc
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70d28028676f2056c2f5932997ab44e60b1dd9c63e09f043ad56230f380cca0
eca37871db74e9bfe2f151b95a17fe2d97f240c7db8300c9e2ad200772d383cf
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2164a3211cc8cb0f494c8925129fdc89f1acdc7fd35419de169c3415801c499

noticias.r7.com Open in urlscan Pro 88.221.168.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

164 Requests

88 %HTTPS

59 %IPv6

36 Domains

61 Subdomains

45 IPs

8 Countries

2049 kBTransfer

5531 kBSize

25 Cookies

125 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

noticias.r7.com Open in urlscan Pro
88.221.168.50 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

88 %
HTTPS

59 %
IPv6

36
Domains

61
Subdomains

45
IPs

8
Countries

2049 kB
Transfer

5531 kB
Size

25
Cookies

164 HTTP transactions
5 data transactions