www.cadaminuto.com.br Open in urlscan Pro
2606:4700:20::681a:15f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/UZbg9fqRz6
Effective URL:
https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacke...
Submission: On December 13 via api (December 13th 2021, 4:27:51 pm UTC) from US — Scanned from DE

Summary HTTP 278 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 66 IPs in 9 countries across 50 domains to perform 278 HTTP transactions. The main IP is 2606:4700:20::681a:15f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cadaminuto.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.

This is the only time www.cadaminuto.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
25	2606:4700:20:... 2606:4700:20::681a:15f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::ac43:4a15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	104.85.1.154 104.85.1.154	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
33	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3031::6815:5b8f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
4 13	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19c::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	52.48.46.48 52.48.46.48	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	104.107.161.75 104.107.161.75	16625 (AKAMAI-AS) (AKAMAI-AS)
20	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:60:... 2a02:26f0:60:88b::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
9 27	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4 8	104.85.0.246 104.85.0.246	16625 (AKAMAI-AS) (AKAMAI-AS)
6	204.154.111.110 204.154.111.110	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:de16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 9	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 10	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2620:119:50e8... 2620:119:50e8:101::9002:f05	14413 (LINKEDIN) (LINKEDIN)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:ccb:acde:da2f:31fc	16509 (AMAZON-02) (AMAZON-02)
3 3	18.193.179.35 18.193.179.35	16509 (AMAZON-02) (AMAZON-02)
1 1	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
1 1	50.31.142.95 50.31.142.95	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	199.187.193.182 199.187.193.182	47043 (SMARTADSE...) (SMARTADSERVER)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	72.251.244.140 72.251.244.140	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.138.131 185.86.138.131	201081 (SMARTADSE...) (SMARTADSERVER)
6	2606:4700::68... 2606:4700::6810:ef3	() ()
4	2600:9000:215... 2600:9000:2156:bc00:1c:38a0:8a40:93a1	() ()
1	2600:9000:215... 2600:9000:2156:3800:8:9ed9:9c40:93a1	() ()
4	2600:9000:215... 2600:9000:2156:2800:3:748e:7940:93a1	() ()
1	52.42.142.109 52.42.142.109	() ()
2	2a02:26f0:60:... 2a02:26f0:60:8a4::2c79	() ()
1 1	2.18.233.201 2.18.233.201	() ()
1	212.82.100.182 212.82.100.182	() ()
278	66

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:20::681a:15f (United States)

ASN13335 (CLOUDFLARENET, US)

www.cadaminuto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.cadaminuto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.cadaminuto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4a15 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.1.154 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-1-154.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3031::6815:5b8f (United States)

ASN13335 (CLOUDFLARENET, US)

audio.audima.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.33.221.90 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19c::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.46.48 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-46-48.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.107.161.75 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-161-75.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:60:88b::4469 (Schiphol, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.184.226 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.85.0.246 (Amsterdam, Netherlands) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-0-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 204.154.111.110 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-hlb07.doubleverify.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps628.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps618.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:de16 (United States)

ASN13335 (CLOUDFLARENET, US)

audima.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e8:101::9002:f05 (United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:ccb:acde:da2f:31fc (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.179.35 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-179-35.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.87 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.154.242 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.95 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.140 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-01.ams2.m6r.eu

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.131 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:ef3 (None, )

ASN- ()

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:bc00:1c:38a0:8a40:93a1 (None, )

ASN- ()

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3800:8:9ed9:9c40:93a1 (None, )

ASN- ()

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:2800:3:748e:7940:93a1 (None, )

ASN- ()

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.42.142.109 (None, )

ASN- ()

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:60:8a4::2c79 (None, )

ASN- ()

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (None, ) 1 redirects

ASN- ()

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (None, )

ASN- ()

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com tpc.googlesyndication.com b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com	481 KB
41	doubleclick.net 9 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	388 KB
25	cadaminuto.com.br www.cadaminuto.com.br img.cadaminuto.com.br analytics.cadaminuto.com.br	404 KB
20	doubleverify.com cdn.doubleverify.com rtb0.doubleverify.com tps628.doubleverify.com tps.doubleverify.com tps618.doubleverify.com tpsc-eu3.doubleverify.com	238 KB
17	adnxs.com 4 redirects prebid.adnxs.com ib.adnxs.com acdn.adnxs.com	33 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	636 KB
14	google.com www.google.com adservice.google.com	90 KB
12	rubiconproject.com 4 redirects fastlane.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	15 KB
10	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com cdn1.avantisvideo.com avm.avantisvideo.com events1.avantisvideo.com	95 KB
10	3lift.com 3 redirects eb2.3lift.com	4 KB
10	googletagservices.com www.googletagservices.com	252 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
8	criteo.com 2 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	8 KB
6	navdmp.com tag.navdmp.com usr.navdmp.com cdn.navdmp.com sync2.navdmp.com sync.navdmp.com	6 KB
6	audima.co audio.audima.co audima.co	102 KB
5	teads.tv a.teads.tv s8t.teads.tv t.teads.tv	133 KB
5	googleapis.com fonts.googleapis.com firestore.googleapis.com	2 KB
4	adsrvr.org 2 redirects match.adsrvr.org	1 KB
4	addthis.com s7.addthis.com m.addthis.com	217 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com cms.analytics.yahoo.com	2 KB
3	google.de www.google.de adservice.google.de	1 KB
3	onetag-sys.com onetag-sys.com	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	premiumads.com.br tags.premiumads.com.br	135 KB
2	aniview.com play.aniview.com player.aniview.com	11 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	smartadserver.com ssbsync-global.smartadserver.com ssbsync.smartadserver.com	150 B
2	mathtag.com 2 redirects sync.mathtag.com pixel.mathtag.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	630 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	857 B
2	criteo.net static.criteo.net	54 KB
2	cloudflare.com cdnjs.cloudflare.com	86 KB
2	2mdn.net s0.2mdn.net	88 KB
2	360yield.com 2 redirects ad.360yield.com	697 B
2	4dex.io script.4dex.io	23 KB
1	sitescout.com pixel-sync.sitescout.com	191 B
1	rlcdn.com id.rlcdn.com
1	turn.com 1 redirects ad.turn.com	412 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	bing.com c.bing.com	593 B
1	smadex.com 1 redirects cm.smadex.com	529 B
1	linkedin.com px.ads.linkedin.com	596 B
1	adtelligent.com 1 redirects sync.adtelligent.com	363 B
1	googleoptimize.com www.googleoptimize.com	36 KB
1	addthisedge.com v1.addthisedge.com	712 B
1	googletagmanager.com www.googletagmanager.com	42 KB
1	moatads.com z.moatads.com	1 KB
1	bit.ly 1 redirects bit.ly	387 B
1	t.co t.co	611 B
278	50

	Domain	Requested by
23	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com ad.doubleclick.net www.googletagservices.com b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
22	www.cadaminuto.com.br	t.co www.cadaminuto.com.br
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com googleads.g.doubleclick.net b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
18	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net eb2.3lift.com b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
13	ib.adnxs.com	4 redirects tags.premiumads.com.br googleads.g.doubleclick.net onetag-sys.com eb2.3lift.com acdn.adnxs.com
12	www.google.com	www.cadaminuto.com.br www.google.com www.gstatic.com tpc.googlesyndication.com ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com securepubads.g.doubleclick.net b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
11	securepubads.g.doubleclick.net	tags.premiumads.com.br securepubads.g.doubleclick.net t.co www.googletagservices.com
10	eb2.3lift.com	3 redirects tags.premiumads.com.br eb2.3lift.com
10	www.googletagservices.com	ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com securepubads.g.doubleclick.net cdn.doubleverify.com www.googletagservices.com audio.audima.co b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
10	www.gstatic.com	www.google.com www.gstatic.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cdn.doubleverify.com	ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com cdn.doubleverify.com ad.doubleclick.net t.co b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	pixel.rubiconproject.com	1 redirects
5	audio.audima.co	www.cadaminuto.com.br audio.audima.co
4	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
4	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
4	match.adsrvr.org	2 redirects b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	googleads.g.doubleclick.net	ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com t.co b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
3	cdn.avantisvideo.com	tags.premiumads.com.br cdn.avantisvideo.com
3	token.rubiconproject.com	3 redirects
3	x.bidswitch.net	3 redirects
3	mug.criteo.com
3	onetag-sys.com	tags.premiumads.com.br
3	prebid.adnxs.com	tags.premiumads.com.br
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	firestore.googleapis.com	www.cadaminuto.com.br
3	s7.addthis.com	www.cadaminuto.com.br s7.addthis.com
3	tags.premiumads.com.br	www.cadaminuto.com.br tags.premiumads.com.br
2	tag.navdmp.com	tags.premiumads.com.br tag.navdmp.com
2	tracking.m6r.eu	2 redirects
2	sync-tm.everesttech.net	2 redirects b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
2	tps618.doubleverify.com	cdn.doubleverify.com
2	eus.rubiconproject.com	tags.premiumads.com.br eus.rubiconproject.com
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	static.criteo.net	tags.premiumads.com.br static.criteo.net
2	tps.doubleverify.com	cdn.doubleverify.com
2	cdnjs.cloudflare.com	audio.audima.co cdnjs.cloudflare.com
2	s0.2mdn.net	ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
2	ad.doubleclick.net	www.googletagservices.com
2	tps628.doubleverify.com	cdn.doubleverify.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	t.teads.tv
2	ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	ad.360yield.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	script.4dex.io	tags.premiumads.com.br script.4dex.io
2	analytics.cadaminuto.com.br	www.cadaminuto.com.br
2	a.teads.tv	tags.premiumads.com.br s8t.teads.tv
2	fonts.googleapis.com	www.cadaminuto.com.br audio.audima.co
1	cms.analytics.yahoo.com
1	sync.navdmp.com
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com
1	cdn.navdmp.com	tag.navdmp.com
1	player.aniview.com	cdn.avantisvideo.com
1	play.aniview.com	cdn.avantisvideo.com
1	events1.avantisvideo.com
1	usr.navdmp.com	tag.navdmp.com
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	static.avantisvideo.com	cdn.avantisvideo.com
1	ssbsync.smartadserver.com	b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
1	pixel-sync.sitescout.com	b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
1	ssbsync-global.smartadserver.com
1	sync.mathtag.com	1 redirects
1	id.rlcdn.com
1	acdn.adnxs.com	tags.premiumads.com.br
1	ad.turn.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	cm.smadex.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	audima.co	audio.audima.co
1	sync.adtelligent.com	1 redirects
1	www.google.de
1	s8t.teads.tv	a.teads.tv
1	fastlane.rubiconproject.com	tags.premiumads.com.br
1	bidder.criteo.com	tags.premiumads.com.br
1	www.googleoptimize.com	www.googletagmanager.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	www.googletagmanager.com	t.co
1	z.moatads.com	s7.addthis.com
1	img.cadaminuto.com.br	www.cadaminuto.com.br
1	bit.ly	1 redirects
1	t.co
278	92

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
minutoesportes.cadaminuto.com.br
twitter.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
edgecert.googleapis.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-03` - `2022-06-03`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.avantisvideo.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh

This page contains 34 frames:

Primary Page: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Frame ID: F0EC8346D13A23C24DD48715BA4FEFF2
Requests: 97 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2FD9EB3A86BE1321CDBB3013925E0039
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D377E1347EDC3EAEEDB3413C2027BB69
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR&co=aHR0cHM6Ly93d3cuY2FkYW1pbnV0by5jb20uYnI6NDQz&hl=de&type=image&v=rPvs0Nyx3sANE-ZHUN-0nM85&theme=light&size=invisible&badge=bottomright&cb=y0mtkiembzhl
Frame ID: DFDF3D9DBAC2E3F5BBCADA9D76FB7F65
Requests: 7 HTTP requests in this frame

Frame: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3B5B7BA5A17EC0C5DDAB77B48F072089
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR
Frame ID: 25F7245E62C72E909726F5F07B014A66
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C88CF3C86A853B331ABF9ABC719324C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B7CB3B9C544F87A8ACEB9A6E941FCD3
Requests: 2 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&uid=f6298c1073558374
Frame ID: F019D3544FC94E93B3CA1F1695AD00B7
Requests: 1 HTTP requests in this frame

Frame: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C632D69E2B4090A2FE2D02653303B9E9
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLKyrsCEM2AjLwCGIC-vLcBMAE&v=APEucNXs4V9yAzSkdGA_eaMMGImup_NXQQrIXSIHa-RRM33DEmcLSitbtPjShQCDXYOEStDrbxRk7b4NfgU4gPAeWuOVvvrNHqxwjOqtg-3S5X7qrg7KvqbrS-lCUJJPjm8vWDeqJJlEmwtE60xduC34z8nrpD8nEg6b006QYoeO3YlkvZN9IkE
Frame ID: 3A37A152B38BB412665A30B46F64D5CD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E96E244A10CF43024799C822216AA3ED
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZsdsLli190235LhhKvd0zi7xllwz2YdhqXD8JEnzkiumOPioIdCU7NGmBka5Ibdj9bdcjfCV6ybKRhr5Qj7C4BXlYiBztaI8QE9SEAIlq6kbAZ3OUj-PlcdA4SSIYBidZaYnp_2O1gp1Ja-B1bvQaaOXaNhsNZIaFxmCMCvVzfayuUlC3gs4tRf5Gu3JTTBoBjjKGilFca92OWUJBzpv1C_nL090tusxlFMtMuloCbZFJuT2qrMzYOZIdZKn73DLhhgknWgf9OifIzrtPUhaz5IGKAV-0k-TajrZmKwL0S5GvN1dcgQ3poUjFrwHqZkcE&sai=AMfl-YT4RzTfhqeWauqMc7iP0vj_nYdST7tZhse7tlfNoRjUF805g8GyGee8aeWkyFRqzqbhdX746TTtQO-zI8iTfAYBkn51bc5rwrycyRmUSK2KOafbm4PbGi_uVv2_UGBm&sig=Cg0ArKJSzDi2h4paWzqJEAE&uach_m=[UACH]&adurl=
Frame ID: C2A9048AF23242B0E261AE5C69ED87C9
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYI-H-6C1dTH4RsLPEDU2nrqn8wo9yUUvl2bU8IBVwffsuewxdJYEhJ3Qmd5Z-VUF1GlsOlFfvpVESu4HI1sJc7cgpVfjw2iY_EDmIrunGV9qmuegQqUhmM5eoRRMeYrYpQeWu-dx6uyDcwIxq_C-uhiRdgDFdEerY8n9CR0hAlRZ6Tyua2N_XyzPPVmJLr-dl7GBrfGAvgdy12aeD_EyUIa2fgi0a4_E2GhNdTE792NNZypqG5z4RVcHdns7gFYtq4uSoI1apefSi2rWUFrAwAXWWS7ZruMdfHtS2KxouQKdxHKhZtQYnB4jHaxy43w&sai=AMfl-YS2CbkdlNCnJ5qIk6HlC7pz8tsIpMncGk_CryDSTCU-wOj4Oi8P7by9XyX6S6w5k8M3WGa32P3y81vY-sXuCKYvjJcNeGGI2gadGSgtfu7Yvg5ZwtPcZpQPiR7OTKNJ&sig=Cg0ArKJSzP0NFdm7bp3XEAE&uach_m=[UACH]&adurl=
Frame ID: EC6C341012280FCDC98E5A339E104CE8
Requests: 8 HTTP requests in this frame

Frame: https://audio.audima.co/iframe-thin-local.html?skin=thin&statistic=false
Frame ID: F0B9A6EC758F6FFB7491FE10835E9845
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BD17ACC113572E640B21D4EAEF3E47A7
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1940.js
Frame ID: E64EEB1D14E0BBD429F645C999BCA666
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 40B853E8773F5162B34DE5D66BCA6FC8
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.cadaminuto.com.br
Frame ID: 272BF88AE04DD9DBE2029D9FAC13CC40
Requests: 2 HTTP requests in this frame

Frame: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6CBBAC865AD9AECAE9DDCB79C8933C03
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: DD68DEE0C2B7E4E7F34EE9DF86CF3AC6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ECE130BF458ACA44EA7A1A913E36D787
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81801C289E2A727EA91678F91F21C121
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: BAE4F3083199A837506902FF818EAF04
Requests: 12 HTTP requests in this frame

Frame: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F2B980088388099FE8E1EA940BE3BC98
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLKyrsCEM2AjLwCGPW4vLcBMAE&v=APEucNWpOsWFwr1LYhniCckLQQaSnV27aJJ_BCfkSMI8sn6goQRVrGCLrskXRB0e2DxRYTJeWZ-xDBO0g_kHU6RelIRCRD32gINm37mkqAPVgml6TL8qKtgcp4bkeq4t54HKQA6YYACWGNld_eLPQn0NwgAZcSi0bkHktNKNey_wqdhRyuRe4Gw
Frame ID: 0B4E9043EF2332798A04CD0919CD31F0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0B2979761CA047F356752930FC65988B
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1639412862650
Frame ID: C43A27CD985AB2772B9AC930EC3703F8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 00CC66BED989D3244114EAC2B7B89D05
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5DC98F286B18136840C77D33A54A995A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2E6E2C7B9C9BEA418266EB9E35C64FCD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EDDF96635D1DB858047A950ED261DB9E
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1940.js
Frame ID: FDCED4B59962186A05B987DE671AFDAC
Requests: 4 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 2553B7E68B2143C36344BEAA4D1E05EE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arapiraca suspende temporariamente vacinação contra a Covid após ataque hacker ao sistema do Ministério da SaúdeCada MinutoMenu

Page URL History Show full URLs

https://t.co/UZbg9fqRz6 Page URL
https://bit.ly/3EShd6Y HTTP 301
https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-cov... Page URL

Page Statistics

278
Requests

88 %
HTTPS

49 %
IPv6

50
Domains

92
Subdomains

66
IPs

9
Countries

3599 kB
Transfer

9968 kB
Size

56
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/c/CADAMINUTOTV/featured
Title: CM TV

Search URL Search Domain Scan URL

URL: https://minutoesportes.cadaminuto.com.br/
Title: ESPORTES

Search URL Search Domain Scan URL

URL: https://twitter.com/Cadamin/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CadaMin/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portalcadamin/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/UZbg9fqRz6 Page URL
https://bit.ly/3EShd6Y HTTP 301
https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&uid=2d68b756-8127-4539-8eea-3761646da0f5

Request Chain 86

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=7545439605706458514

Request Chain 97

https://sync.adtelligent.com/csync?t=p&ep=0&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dadtelligent%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7Buid%7D HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&uid=f6298c1073558374

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4a7m7gk-R8FCXjCZjT9mU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4a7m7gk-R8FCXjCZjT9mU&google_cver=1&C=1

Request Chain 109

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ybd0f-5Yk-gC4uLltysiJQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ysTlsd-XrMf39y1ldJSg&google_cver=1

Request Chain 111

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NTQzOTYwNTcwNjQ1ODUxNA%3D%3D

Request Chain 167

https://gum.criteo.com/sid/json?origin=publishertag&domain=cadaminuto.com.br&sn=ChromeSyncframe&so=0&topUrl=www.cadaminuto.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=lLW4unxIZW9uUmxpdStNb0pmS1FRb3ZUcmhhSDdndUpudEUvVWdPUlFtMlovSHd0Y0UrQmNvT05jZUtmRnFhWmVMMEhSUkljMlpwRVFjSU82VlZiV1BPVVRYVE15czBxVlZkYlA5V25iMDJFUjQzbmYrU0V3K0VpVjRBYTVMWnRBWG9pcDArZGh6d3RZMlJkS2FSaURGVGwzN2VsZTJjNitOR2YrYXplZ1pnamxHMlVFVGJKanBTbCtJMGRwcmhES2tzcytEYVVmUm5lZU1IWXNhNWJ4cWxyckNhbGFoMUQ1T3lCQ0dBbmZmbnA2bUQ5RGpHa3pWaUkvL0VYODRVNGdYRFA5bmNJZlRpTW9VcDVUVUliR3FEOXRrZz09fA&cppv=2

Request Chain 181

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1

Request Chain 183

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=c264eebb-1f8c-4bc9-ad8b-42f915dd20ab&dongle=0cfd

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPQkVS1GvBvbAGu2EPYzh7U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 185

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODEwOTg0Mjk4ODQyMjM2MzA2MA%3D%3D

Request Chain 187

https://pr-bh.ybp.yahoo.com/sync/triplelift/8109842988422363060?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-h9RKFzFE2oQ3Bt4VOUc0xXiTBnQ8DOOXLWUqibdjhw--~A&dongle=0883

Request Chain 188

https://x.bidswitch.net/sync?ssp=triplelift&user_id=8109842988422363060&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=8109842988422363060&gdpr=0&gdpr_consent= HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=2975ef73-d23c-40d9-9ad9-a6906329ec93 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=e6c310aa-3d9d-49c7-999f-874ac8daef51&expires=10&ssp=triplelift&bsw_param=2975ef73-d23c-40d9-9ad9-a6906329ec93 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=2975ef73-d23c-40d9-9ad9-a6906329ec93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 190

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=8109842988422363060 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=8109842988422363060&dcc=t

Request Chain 191

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0

Request Chain 192

https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=7119648974622752365&dongle=d407

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1

Request Chain 204

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ybd0f-5Yk-gC4uLltysiJgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH7HpflcBEIXrBIaOtkKT8A&google_cver=1

Request Chain 206

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NTQzOTYwNTcwNjQ1ODUxNA%3D%3D

Request Chain 213

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cadaminuto.com.br%2F&domain=www.cadaminuto.com.br&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=S0lGKnxBV3VueHdrV3VKUGVrdjlrbFI0K3BvSVVjRDd4ZmdjZVBjNTduc1NsbEVLZXRXVkliSm9FRUhkRm14NTV2cVlXaWpyaUFXZE9tSnBaZVdRYVozUnJ2OUJHT21YUEpFQ25xNUcvTEI5a0FLYVRQdGhnVGZCbmN1TnJOL0M2ZXVKUHhUc1RVYWxaRk1MdVZpdE1MVjYyVWU5YXpwNFhUM2JFZDQrRCtMUHAyblExdWtsTzVnRnFQa3NRc09aZG8wVXRxVWg2ckhqaW0weUp3U0VpUy9GdHl5dnVUbEkyYURtbUx3ckszRlRvbnAwM0ErQitHMHVpWGs2UmZvaEcwUWdFRWp1blBUZzV1dHFIRVZvS2pFVmhVMkRUdEpKcjRBV2N1dTJXUEFVTmRJRT18&cppv=2

Request Chain 234

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Vnh_4d6nZ0rEkXuBCRLIcMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7989154304957820749

Request Chain 235

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0VzM4TzgtMVItMzdaMQ==

Request Chain 236

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWM2NmQyNzEzNmZmOWIzZTQyMTJlMzIxYWY2MWZjZjBlZTMwZTg2Mw

Request Chain 238

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Ybd0ggALojlrTQAz HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ybd0ggALojlrTQAz&_test=Ybd0ggALojlrTQAz

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBv2fHx_FuW7-ep2VkDseTo&google_cver=1

Request Chain 241

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8ae361b7-7481-4a00-9fd8-b96af512b7c9

Request Chain 247

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEHPLxuHrsMrrPxe681KI6a4&google_cver=1&google_push=AYg5qPK3Z6QatrjZt3wTK3AKsU-Dq6c0lJamfwZaWJqx0mGSKox6iIrEmDbAu_Mm9mdNtiBsgxbG3WNdNZpflKTCsBxdx-3VQ-vdpA HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEHPLxuHrsMrrPxe681KI6a4&google_cver=1&google_push=AYg5qPK3Z6QatrjZt3wTK3AKsU-Dq6c0lJamfwZaWJqx0mGSKox6iIrEmDbAu_Mm9mdNtiBsgxbG3WNdNZpflKTCsBxdx-3VQ-vdpA&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=D7DSv9w5_tnCWzg-RAUXxg&google_push=AYg5qPK3Z6QatrjZt3wTK3AKsU-Dq6c0lJamfwZaWJqx0mGSKox6iIrEmDbAu_Mm9mdNtiBsgxbG3WNdNZpflKTCsBxdx-3VQ-vdpA

Request Chain 248

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDb6Asvx_KJwx-d3mypRvKQ&google_cver=1&google_push=AYg5qPKpS8bfO37PMSoNILWRguFEpAqRd24EUxCDrdlIkEeFhobRnwU6QbtmjKPBKhbRkqBBPVlLmq9Yt5x33ALMZCSeZ7pDt5rFsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0VzM4TzgtMVItMzdaMQ==&google_push=AYg5qPKpS8bfO37PMSoNILWRguFEpAqRd24EUxCDrdlIkEeFhobRnwU6QbtmjKPBKhbRkqBBPVlLmq9Yt5x33ALMZCSeZ7pDt5rFsA

Request Chain 249

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECfGMezmlcbkh6xV2WkGg7k&google_cver=1&google_push=AYg5qPJgRUR41FUWXLYw2I8ySh4jjW4kSqkpgIx3er_GgxOMoD68cYK-sZffm_D3spfEY490RWgJ40rUoZF6BEzjS26KIE7-rueH8g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODEwOTg0Mjk4ODQyMjM2MzA2MA%3D%3D&google_push=AYg5qPJgRUR41FUWXLYw2I8ySh4jjW4kSqkpgIx3er_GgxOMoD68cYK-sZffm_D3spfEY490RWgJ40rUoZF6BEzjS26KIE7-rueH8g

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=68130517155 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=68130517155&google_gid=CAESEEnEV1Gzt9g-T5YyAH7xOC8&google_cver=1

Request Chain 279

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=8ae361b7-7481-4a00-9fd8-b96af512b7c9

278 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 UZbg9fqRz6
t.co/ 221 B
611 B 140ms
125ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/UZbg9fqRz6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 16:27:41 GMT
vary: Origin
server: tsa_o
expires: Mon, 13 Dec 2021 16:32:41 GMT
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 176
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-response-time: 118
x-connection-hash: 2c57b7c9e96eaabd8d633a8cb598c207214821fc1183d73251c2cc358a689555

GET
H2

200

Primary Request arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude Show response
www.cadaminuto.com.br/noticia/2021/12/10/
Redirect Chain

https://bit.ly/3EShd6Y
https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitt...

68 KB
17 KB

406ms
364ms

Document
text/html

2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Requested by: Host: t.co
URL: https://t.co/UZbg9fqRz6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb8c210d0a617ffc3acfab996ec9b910223dd739beb4808777f336414a036290

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/UZbg9fqRz6

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-type: text/html; charset=utf-8
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qy8a5bcW%2FfSY%2FbfbRlVo3GhI6MdoCF5qi7KB4jUdP4kkb%2FaKQdIYlYTCLSjyrRbR5pHmr6RhRkR0gKmXbw%2B0sE1EgpLo4V3HsLn%2Fq8xNJ2JbGiQopu2ra4%2BXWVIOxnf%2FBcmJe1r7K5c8cPb1FMh8N1Ra2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bd08fb14e315c9e-FRA
content-encoding: br

Redirect headers

server: nginx
date: Mon, 13 Dec 2021 16:27:41 GMT
content-type: text/html; charset=utf-8
content-length: 315
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
referrer-policy: unsafe-url
via: 1.1 google
alt-svc: clear

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@300;400;500;600&display=swap

Requested by

Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7345197b597e660c738cafa70ebdec6821036fe485ad67c9f3c29c0c0385c5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 16:27:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 16:27:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 16:27:42 GMT

GET
H2 200 a29f2a0e65733931f55c.css
www.cadaminuto.com.br/_next/static/css/ 37 KB
9 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/css/a29f2a0e65733931f55c.css
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66d2d3a3d3aa76a0660fb7c0de89bb58cebddaecdf066484a26ff8dd83053d34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Dec 2021 18:45:45 GMT
server: cloudflare
age: 337067
etag: W/"61b24ed9-93da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTjqCjYYCMWdKWFXqSfxETSpZBz8w6azhuiNYWnD%2F%2F0QELmLydx9hHvAQ04LMZW9ACMi98DZRp7tXLvC2MdO2CUxSE1N20N6XSqNZfwBCJkYs6s3RF7okMQ04GguYAjamSU9eTIN%2BLLpCWUHrv7qxf5Jyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3ad405c9e-FRA
expires: Sat, 08 Jan 2022 18:49:11 GMT

GET
H2 200 _app.js Show response
www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/pages/ 486 B
654 B 21ms
19ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/pages/_app.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e10d0419b61c7081ab86071e9d94b62d0e3eaf4250dfcbe91eee6158378f78ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262942
etag: W/"61b36d86-1e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FRHS4lT9E7kKxz4qi83fNpUPc818%2B43J8v8gmViRwyZwZyoLEX18kAomZTuH5zNGG8mBXDbKqOCp%2BNZktuSA%2Bj7MPmlrO6Z7Vix23z6WtjR5TaUylu0FlOReGRfngrjb%2FpEXGCbi7B4QZj9JwalhLcpMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd485c9e-FRA
expires: Sun, 09 Jan 2022 15:09:47 GMT

GET
H2 200 %5Bpermalink%5D.js Show response
www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/pages/noticia/%5Byear%5D/%5Bmonth%5D/%5Bday%5D/ 633 KB
162 KB 46ms
44ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/pages/noticia/%5Byear%5D/%5Bmonth%5D/%5Bday%5D/%5Bpermalink%5D.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 848f9542f98ad26853abd0026a3c8c28d524e31e2112773ef6b8657a86ab4f25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262686
etag: W/"61b36d86-9e3f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05%2FHwX8iNg6QztZ%2FRQeKsMwyAYfhm4PA%2F5qBEffV0EVvu3x4sUw15aPlogAZnZihbsz1%2Bsmcb%2FaTy9gO2xVo%2FqG4eqHCtUyYB%2FPMCQTd7gxbr3p%2FtcZYOnCuLNlTkajtxGAbf%2F%2Fwhk7OSvaaENUILTYr6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd515c9e-FRA
expires: Sun, 09 Jan 2022 15:09:52 GMT

GET
H2 200 webpack-c212667a5f965e81e004.js Show response
www.cadaminuto.com.br/_next/static/runtime/ 1 KB
1 KB 20ms
17ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/runtime/webpack-c212667a5f965e81e004.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f9cfdc969fcfa0ba6f76de8cc24f3872b1c039b3bb284612242954d7d50f26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 12:36:27 GMT
server: cloudflare
age: 1560480
etag: W/"61979a4b-5fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZaZInssWHtXmn6N7fb1A0qFAP6Xl7Kgi%2F3ujdiGTEO0aCpbipCNzx02%2F1fF5FZfuf7uq5zPAkA0eWoWY2PyUM%2Bs%2B2%2FfyAQukxvkkksZXN7in3utgsiU02rI8%2FagEhYF7PARLSiym%2Fask4lyn5ua3wsvNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd535c9e-FRA
expires: Tue, 21 Dec 2021 12:10:05 GMT

GET
H2 200 framework.4dd1003cc9c949c7fcd3.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 126 KB
41 KB 43ms
40ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/framework.4dd1003cc9c949c7fcd3.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 987003625f0a7205f92a3ab9461a5be4b06ffb8bd045fabbc4c926c6fda28a11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Oct 2021 02:37:05 GMT
server: cloudflare
age: 1344180
etag: W/"616797d1-1f968"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flB2%2FHxo2i8uwaFX6tGzr2zAwhXwa9SMBeMiioExNWwpZ0RU1L9Q4HtjLO%2B0KKqxtSLmN5reUNlkqk%2B6cKCeDRggSou92E4aTlO%2FVJ3Xkui5VOflh%2B8BD%2FlUboRV7xnn6nwkFTmX3JKPJ3VZ39f%2FJe4RJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd575c9e-FRA
expires: Sun, 19 Dec 2021 05:08:19 GMT

GET
H2 200 a4fd7fb878012139e7de7dfb57bd4454899fe40a.cd9c3dd2c65f9126b9ee.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 27 KB
10 KB 30ms
27ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/a4fd7fb878012139e7de7dfb57bd4454899fe40a.cd9c3dd2c65f9126b9ee.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 435ab5fee7aff8f86225ab5e8f9c0c4cf82016432ab93295721df5e464c5f51e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262942
etag: W/"61b36d86-6def"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S74bz6%2BNN6LMR%2F3XjSq4P%2FE16swnjEvA4goJIXhYohqvmyTcVF9b0vlcTNTMHysUV7ZXJktVlLPbmZqlf%2BjwffpBsIf3fJSQhJxVVFiKUZEGZtNCK4F8r%2FMnSkCWgW4KJgKhMBTHtUVVUc1z5nAQtHZWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd595c9e-FRA
expires: Sun, 09 Jan 2022 15:09:47 GMT

GET
H2 200 5719c624eb4270c91602caaeef844cf006e5f874.c9943aa81e5f124de329.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 6 KB
3 KB 24ms
22ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/5719c624eb4270c91602caaeef844cf006e5f874.c9943aa81e5f124de329.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a022c341461e50e5e93157549e8c3c2485cef872ba39ded734a121470ee0e6c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262942
etag: W/"61b36d86-18de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXF5%2BAZoDOX079oymWmETueIDqh4MWtgtXe0pTZ9AgHHpzQ9Ry3O17VodHD8vjXjyeFgKpnAYhEfrAAyGD3jaE%2FrmkvVENlB6%2FAmuXg2Cip%2F2tE853TntOkXnnz8pFvLOrXhW2%2FsIj%2FFATeg5bAdkJfnug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd5b5c9e-FRA
expires: Sun, 09 Jan 2022 15:09:47 GMT

GET
H2 200 23ef4109f86597cbbe8ec34efdc58f2596aa0729.84556dc80e3378efc6bc.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 22 KB
9 KB 23ms
21ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/23ef4109f86597cbbe8ec34efdc58f2596aa0729.84556dc80e3378efc6bc.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cd97f7cc199f7aa1c3b23ff9e21c46846003a0f7bf986e8e86cf20b6f55727c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262942
etag: W/"61b36d86-5944"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqekfJHU%2BBCPYziwm8ZcBBmfxKFLwIPYh6higp9TBBvpdaKYkGdI0XLEbxISbu6JNkcTASuWRewZ3UMndjEJz7djKgZMK5288e99RES8KQrAHp7CoHK%2Fw9OYhloH8DM3bP%2BMuopw8iSRv1wVyMkPZybbZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd605c9e-FRA
expires: Sun, 09 Jan 2022 15:09:47 GMT

GET
H2 200 main-e601789136d929d3011b.js Show response
www.cadaminuto.com.br/_next/static/runtime/ 19 KB
7 KB 21ms
19ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/runtime/main-e601789136d929d3011b.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f89b76cc0da8365582eebe7368f357244c37599576358f646bb506cba5458147

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262942
etag: W/"61b36d86-4d62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLDtwJ9V4B%2FmrsH1b7ST7eH6x9Yt7xGeYXxklCY2tu%2BBKtn0JHA8e69c5WLKa8tNxfI2L4DwEJB3Sy4L9439xii6dF5g5iey3ZH9TpK5kJe1j9K2yNhA2ICvMgv3Gi6qfojZtfB5vGfzbNqQxOfNp2u2PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd615c9e-FRA
expires: Sun, 09 Jan 2022 15:10:02 GMT

GET
H2 200 cb1608f2.f11a051580564f22884a.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 3 KB
1 KB 30ms
28ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/cb1608f2.f11a051580564f22884a.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce31a78565b5acde46f61d569714364485b34eab94e65a5cdfb36a8725346c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 03:56:27 GMT
server: cloudflare
age: 292373
etag: W/"61b2cfeb-a61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GJg8HGzVGx8KB%2BEnJ9uW14yUVNRhbkdDbafXaGWzAUxHelysnUxLAtrcCmycSHmq04NCvphDtAMZTD13uGnTXeLzkTkobEXsupqksyD2YcNkGhiKDOsXKwzno8%2Byn6H4u2cbK8ep8jXWfpezGF8wDPZnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd635c9e-FRA
expires: Sun, 09 Jan 2022 03:56:46 GMT

GET
H2 200 a9a7754c.a3a95e456cb532f0244d.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 3 KB
2 KB 31ms
29ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/a9a7754c.a3a95e456cb532f0244d.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee86af243da0d9b241f2f5c2adf6ec4f728bed1be1aad36337f9a208ecd3b8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Dec 2021 16:34:15 GMT
server: cloudflare
age: 599672
etag: W/"61ae3b87-b25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wd36v0QRrtBWKs1dCB1cFje%2BVWfinZEg0a0DyXV2XqsVGUAYMsLfZvmhBlfdVHHGNixUX%2FboVBIJ6uuudGtIpoS7xhCW1VCxzyOK%2FJ9NMF9irnb%2B2%2BSg0Or%2Fb%2BMyU%2BbOEJxMYuqJiF%2FhO97aOAd96LBYUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd665c9e-FRA
expires: Wed, 05 Jan 2022 16:34:38 GMT

GET
H2 200 7112840a.0d87f584faf5ffc3c32c.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 219 KB
63 KB 43ms
41ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/7112840a.0d87f584faf5ffc3c32c.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fa7d0808391f4006d66b3bb9b01ffae822abedd0ce403834460d81626e33b17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Dec 2021 19:05:39 GMT
server: cloudflare
age: 854134
etag: W/"61aa6a83-36dc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d53ustJeVyUaiTDEAllsK2ZN5IAiNoSOJvlWk1AfRKiN0ZfTuViaN%2FB1AmIYVQcn%2BNwIFGo9K4aBKUrDhwbCoo06uZ58OhLymsvpxEQxP3TFeOSr7F2FtYFEtmFDktmrdNzdh9fwbOpp6z61VF2HIcWbAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd6a5c9e-FRA
expires: Sun, 02 Jan 2022 19:05:52 GMT

GET
H2 200 75fc9c18.090c03733b865a37e886.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 58 KB
19 KB 26ms
24ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/75fc9c18.090c03733b865a37e886.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5f4df4b4a891fe54c7f385e7402c4249e11a7a3fa8496c7e7df028628ef0645

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Dec 2021 19:05:39 GMT
server: cloudflare
age: 851906
etag: W/"61aa6a83-e713"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6%2BIdflm2J%2F9fxWP4yTt9tsUo2aRhxy6lig9LjZCYOwuSmFb7Rs1i8fuTmtmcc3hINCdyWHrlM74ALI1Va3i91Kzb8EEX8qx8iQN%2FulUKam3jB8qm%2Fq8V62yIPkdX2Jy850f%2BMSZoKGmkGZW9UscB7D8bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd6c5c9e-FRA
expires: Sun, 02 Jan 2022 19:05:52 GMT

GET
H2 200 0ccfed1c27fd5b6ee8d97849a0875bc3538d70c4.b95610401bf7d4261903.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 12 KB
5 KB 23ms
21ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/0ccfed1c27fd5b6ee8d97849a0875bc3538d70c4.b95610401bf7d4261903.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c6ac8507aa8c7a22d748fa39ff72874a3c862d7461d91b7055c51141e47f966

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262686
etag: W/"61b36d86-308e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3GeNON7qLGgbQkMKRJO2aGbv%2BOfwtvdPcaxOcu6tcrJsQesi5GRpBd6T6UKBSYdi1s495D9qu04jashyn6kSjyZgnYFO9kIQD%2FtY2riDhoihwS4nXhWpDJDzlimarsvCHWERaRiD08C1OigLsKfvKElPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd6d5c9e-FRA
expires: Sun, 09 Jan 2022 15:09:47 GMT

GET
H2 200 1ad943b7ab3dae2f1330a00b831d53c22ee5f6c4.d3e9dcffd4ef00d62e91.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 13 KB
4 KB 51ms
49ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/1ad943b7ab3dae2f1330a00b831d53c22ee5f6c4.d3e9dcffd4ef00d62e91.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 715018c214053075d70b38f7a2bc2756d40d3897d3774d0aadb816b6fdb86d35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262686
etag: W/"61b36d86-3227"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DE4RfNrZT4xldkLL9D%2BNxMzGmOXbdzNZ13Wrp%2B91ZQcU%2Fjr7VvyVodnwNITQJJ%2B9WkDB1KEz4Tv2KMsiNx0%2BgIkiLlZOwi436DI5XSVnzo%2Fg6%2FsHWzLkgtEaa0%2BxRlGjY703ZckIYvGX71WHxIkmwpmFfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd715c9e-FRA
expires: Sun, 09 Jan 2022 15:09:47 GMT

GET
H2 200 6c94fcb0d516ff71bc16612f6d470ae63a6e9b62.e4774c7c1fdf6599bbde.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 31 KB
11 KB 29ms
28ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/6c94fcb0d516ff71bc16612f6d470ae63a6e9b62.e4774c7c1fdf6599bbde.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7611d990fa2936442cf20b365ffa4ab41607a9ed5af0668c01f8225ac10e47b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262686
etag: W/"61b36d86-7b4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkrVLfmeJRdYiOgoQt018pjNlkyHBTiXVt5cMyr5X8jemucCunR%2FJwI7HbgKoM6mec7pNUPdT2x7iY5Tz%2BZeIT69HS%2BSRzPc%2FvoH%2BOhhuM%2Bvkaula9wMqR0%2BACUZXL4hw%2F8ARdVUB04FBw%2FntvUOlHgI8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd735c9e-FRA
expires: Sun, 09 Jan 2022 15:09:47 GMT

GET
H2 200 b6b02372e82dff4a9ceea5117d0496889a7d11a2.4b77e5bc0dd07c5abda2.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 35 KB
14 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/b6b02372e82dff4a9ceea5117d0496889a7d11a2.4b77e5bc0dd07c5abda2.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30561c4116adf3801524426f63bcbfe56c855440fa5390fbc09e1e5abb91746d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262686
etag: W/"61b36d86-8c35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TRq%2B4Ba%2FAYsXGzX%2BNiJphHamG5JqOY%2FWut0bgXdqlEHk8PNPRU2GxH0TnwRiJ032QppgsgIzDarcZjBR%2F2MqB4%2FUC70sC90NeVHNfF9Mdzhp%2BcmSqaT5P33napHWzd%2F8au8qJAjQLBzVN%2B58RqFbEuMjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd755c9e-FRA
expires: Sun, 09 Jan 2022 15:09:47 GMT

GET
H2 200 f759daa1abdc754e6d00314716c4945b1f67cdc7.0e08299d7057b140b7e8.js Show response
www.cadaminuto.com.br/_next/static/chunks/ 16 KB
7 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/chunks/f759daa1abdc754e6d00314716c4945b1f67cdc7.0e08299d7057b140b7e8.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea4f7780392f4165a1fdb5528ca84f4ae6df2007864849900478040be222a45f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262686
etag: W/"61b36d86-4020"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZKEZe3Q59nUTbHY%2FaOwBuIEau5hH%2Fxxot9tSvRtuE3nvLsCYjGjZH3DpVxu3hHxcfTynAL%2F0WCE3%2F7lau6d378ZNjbX0l9sz10awlOeNj%2F0126zrNBz7t0AHIPVzmgFvOeibNkzD5BGED9ZuXEacm11SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd775c9e-FRA
expires: Sun, 09 Jan 2022 15:09:47 GMT

GET
H2 200 rs=w:800,h:500,i:true,cg:true,ft:cover
img.cadaminuto.com.br/cadaminuto/imagens/1a4d5327-50ae-4c9e-9494-273ca8af8198.jpeg/:/ 13 KB
13 KB 217ms
206ms Image
image/webp 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cadaminuto.com.br/cadaminuto/imagens/1a4d5327-50ae-4c9e-9494-273ca8af8198.jpeg/:/rs=w:800,h:500,i:true,cg:true,ft:cover?cache=true
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429f69b29c558dc7c31e98bf3e06d0940b207638f8b1ffe65a6f8374d0063777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
access-control-request-method: GET
vary: Accept
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-height: 500
content-length: 13028
x-width: 800
server: cloudflare
etag: 1415284346
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 864000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHuarfJiqHa9KVe21znwXI24aNKMIppqQ%2FlTtQJ4%2Bumt5salv7OvOL7OrXLyPJ5Nwijx3WiUQgC38v9qKJLRzy7cFbQ0eywaSmfA4L6sJNOmtuDLTsTulXE7IS1lIEc23EtuIghZaqAB7zQWcKHQB3CclA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000
cf-ray: 6bd08fb3cd925c9e-FRA

GET
H2 200 rocket-loader.min.js Show response
www.cadaminuto.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cadaminuto.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Dec 2021 16:45:16 GMT
server: cloudflare
etag: W/"61b0e11c-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amLsJ6LU%2Fent2nll1z142ODhpA3AE48xETB%2BTRFJzok2X%2FGyQMWFJEUj5mLLp1%2FJqydSI%2FzqmO%2FM5Xq4RyDA099ABOUMQZHJeCwpB58IFKUaRdSzneHsBHtkTQTnyEFq0%2FnZtNTs5%2BREjH7MVu5ssG4u9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3bd795c9e-FRA
vary: Accept-Encoding
expires: Wed, 15 Dec 2021 16:27:42 GMT

GET
H2 200 f32397ae-3bd7-4b1c-a6b4-fd4668549872 Show response
tags.premiumads.com.br/dfp/ 68 KB
22 KB 69ms
21ms Script
text/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/f32397ae-3bd7-4b1c-a6b4-fd4668549872

Requested by

Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f693f7378370275383c83d6edf23e6ac68ccad9fba805c217040f618c700b85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1818168
x-powered-by: ASP.NET
last-modified: Mon, 22 Nov 2021 15:24:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJPQcHxhv%2BdsywF%2BQ%2B5FG52Rd5pluYijCiC594puyl2DJbPlg2VJblypEGRvGiISvCn8N2XSxqn0SfJx6FD%2BJZkD%2BjQDLM%2BZG%2FYJ18OdvvBVt%2B431q6ubXg8Kul4bhTFkWkXBn8nNWMQx6erhaBD6eZ3tHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 6bd08fb42eaa4e79-FRA
cf-bgj: minify

GET
H2 200 _ssgManifest.js Show response
www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/ 76 B
531 B 27ms
26ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/_ssgManifest.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262942
etag: W/"61b36d86-4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1t%2FtWH2AV4HyvUlsjORJMos94mCqU0eNrLqV7dxnNVpDZ35ard4jnZWuudd%2BUZkXeDVcW9NNrZZSSg49QMtVc0cXSa2y7ZR%2BUmVZENtN7%2BkGPuBIaI3pQLg3%2FTqKrNr0oyySI8Dlu03qjHzlvHn8w54Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3dde25c9e-FRA
expires: Sun, 09 Jan 2022 15:09:48 GMT

GET
H2 200 _buildManifest.js Show response
www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/ 1 KB
905 B 24ms
24ms Script
application/javascript 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/_buildManifest.js
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66fa02830a2f40de12b131be3ee8ae1321c2f88bc7264bbdf071643a47e7542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/noticia/2021/12/10/arapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude?utm_source=dlvr.it&utm_medium=twitter&utm_campaign=cadamin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:08:54 GMT
server: cloudflare
age: 262942
etag: W/"61b36d86-4d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05rpDroC4Ijq%2Bpe%2FHGf1zjFrHZom%2FsmijK7VaEcpg%2B2Ms9BJ1%2F3L3FCrTR2ygIp2Gw2Sjiux8EXxtUIJ6m%2FrNT1JE2FA3MghiHw6jnd0mQxW7M25vo58sFRfXw0dvbiXiOh0Fg9KR8BGAIE%2B%2Bw88t7F1kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd08fb3dde95c9e-FRA
expires: Sun, 09 Jan 2022 15:09:48 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 75ms
18ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 13 Dec 2021 16:27:42 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
47 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cadaminuto.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 17:19:18 GMT
x-content-type-options: nosniff
age: 515304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 17:19:18 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 46ms
14ms Script
application/x-javascript 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 5B6F533E25D5DA1D
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=26453
accept-ranges: bytes
content-length: 948
x-amz-id-2: qlKEscbvW8ejoHwV9dE7MPKLPT8LovOyNvqvK0ravkgYWjW8ZzxiZfGpvg7zdNRRnsOZC/PQV64=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
42 KB 42ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K665N48

Requested by

Host: t.co
URL: https://t.co/UZbg9fqRz6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb9e0b144974816b9927528758390cc58047707dea7411497a8dff1f50fad73b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42321
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 16:27:42 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4f4f8d215532fa3e/ 1 KB
712 B 202ms
201ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4f4f8d215532fa3e/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eda26430dbd58fedf7e2c772bd6e2b344ffe2019e1628c81a39779369bd58a91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
etag: 1665565083--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=55, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 536

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 197ms
175ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61b7747efb2ae1a0&bkl=0&bl=1&pdt=645&sid=61b7747efb2ae1a0&pub=ra-4f4f8d215532fa3e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.cadaminuto.com.br&dr=t.co&fp=noticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&mk=Arapiraca%2Csuspende%2Ctemporariamente%2Cvacina%C3%A7%C3%A3o%2Ccontra%2Ca%2CCovid%2Cap%C3%B3s%2Cataque%2Chacker%2Cao%2Csistema%2Cdo%2CMinist%C3%A9rio%2Cda%2CSa%C3%BAde&colc=1639412862297&jsl=0&uvs=61b7747e38df0e10000&skipb=1&callback=addthis.cbs.jsonp__109132406782320950
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bb82fae4ecdbe615b65a3fa94287df262ceb4aeacc3e36def75b7ee8fea38d19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:42 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2FD9 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame D377 71 KB
26 KB 14ms
14ms Document
text/html 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 13 Dec 2021 16:27:42 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 43ms
21ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f32397ae-3bd7-4b1c-a6b4-fd4668549872

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1069 / 728 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 16:27:42 GMT

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 345 KB
100 KB 34ms
34ms Script
application/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f32397ae-3bd7-4b1c-a6b4-fd4668549872

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c26099049a8384d1e39b1ff46ea05561556a6caa6c03bad3c2995c1e1d248ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1818928
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
last-modified: Mon, 22 Nov 2021 13:53:24 GMT
server: cloudflare
etag: W/"1d7dfa8512e46ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpALykKsXe4WeCvsqizYNKjxSb%2BcvBC63boCNuVHVJ%2B4fmXxr3ayRDgNO1XOqpisw6LeNOU%2F3%2BkxWCUj%2B%2BUfDhzVTgE5hOGZM6ElVokmQAzJf%2FphDi9cLdU%2B%2FDQO5KmtkX%2BSM4FDJHp9Y9QoviURWJz4fmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 6bd08fb5aa494e79-FRA

GET
H2 200 tag Show response
a.teads.tv/page/139011/ 770 B
684 B 148ms
64ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/139011/tag
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f32397ae-3bd7-4b1c-a6b4-fd4668549872
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d4bfe51b12bb290dcff62be14e7029e4bd736d66638847cd69f8257a83be7b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 484
expires: Mon, 13 Dec 2021 17:27:42 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
990 B 41ms
19ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/pages/noticia/%5Byear%5D/%5Bmonth%5D/%5Bday%5D/%5Bpermalink%5D.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27fb32285e8a2600b427c147efa1d561f02e949dfa638a00480340a0b16a5ffc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 577
x-xss-protection: 1; mode=block
expires: Mon, 13 Dec 2021 16:27:42 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 audima-widget.js Show response
audio.audima.co/ 222 KB
80 KB 131ms
31ms Script
application/javascript 2606:4700:3031::6815:5b8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audio.audima.co/audima-widget.js

Requested by

Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/_next/static/chunks/1ad943b7ab3dae2f1330a00b831d53c22ee5f6c4.d3e9dcffd4ef00d62e91.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:5b8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b93824cbdab791dcc1a2fe0c5b34f3b2759d354f9075eacceb4c67418812aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8073
cf-polished: origSize=226912
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
last-modified: Tue, 16 Nov 2021 11:58:28 GMT
server: cloudflare
etag: W/"61939ce4-37660"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TL%2F5n51YGLvKVjPvssiY%2BO0rELuIIR6rvuEuvfAcr%2FXj0s291U5eQ6X3cKA%2BzWwyN16k5ZQpAO7lCpvJbhGwPA0ITXU8a%2BA9Rsz2ABNj%2BdKjfyVVq%2FMXG8IUHZkv%2FS7KH%2FG5JK5ntVQWrK8T9ns%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6bd08fb68a5e59fb-MXP
expires: Mon, 13 Dec 2021 18:13:09 GMT

POST
H2 200 clicks Show response
analytics.cadaminuto.com.br/ 174 B
474 B 209ms
208ms XHR
application/json 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.cadaminuto.com.br/clicks
Requested by: Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/pages/noticia/%5Byear%5D/%5Bmonth%5D/%5Bday%5D/%5Bpermalink%5D.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 192a341d270da81327cdfb94c0c201011c0bcc86c0a9b598053169e5c7d61b91

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
etag: W/"ae-1A3iHC4/OQBjQSOMa5Y2Vdf3nXM"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKJK%2BtOMlWh5v2h462r8ODQyKcergYmtozcjSTHj3MAsxZdd11Yj2X9Cj6gbHciZoGpssPArdzyhuWHjeaEXaSfL8DMkNcQjYcy6fdMmrZ%2B7Z%2BuQm0SuqA9toaISHvpJN2o4aS3GHeJACxj2cl9%2FDlJE6lN9XEe2Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cadaminuto.com.br
cf-ray: 6bd08fb7cc2859a1-MXP

OPTIONS
H2 204 clicks
analytics.cadaminuto.com.br/ Frame 0
0 289ms
224ms Preflight 2606:4700:20::681a:15f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.cadaminuto.com.br/clicks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:15f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.cadaminuto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: https://www.cadaminuto.com.br
vary: Origin, Access-Control-Request-Headers
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBpoMbpMAt6CeEM209X8FkBs0rA99rtRWuM4vB6QQgSo%2FKd8mVLUxzZhDzpXRokpyAoXb8dn48k0rL0OE%2FB85XrA8tYU%2BL5vEpIaV%2FeTrkECiYwssUAYYmwzXjBbeHuJCqce0uEsFrNQ5yxOxgnL5op6xsV2s%2FdXLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bd08fb65f6b59a1-MXP

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
540 B 1285ms
1237ms Fetch
text/plain 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcadaminuto-comments%2Fdatabases%2F(default)&VER=8&RID=29433&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F9.6.0%0D%0AContent-Type%3Atext%2Fplain%0D%0AX-Firebase-GMPID%3A1%3A559450761472%3Aweb%3Abf4d473a37c5523635abe5%0D%0A&zx=3irkaqdyz4yy&t=1

Requested by

Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/pages/noticia/%5Byear%5D/%5Bmonth%5D/%5Bday%5D/%5Bpermalink%5D.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36c0c8ec2d94cd96be84befb7afb71088c91a5550c9820dd061792f09a807b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.cadaminuto.com.br
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: N71xYBM86xoQu5MU2VglbWe3vXsauPMM

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K665N48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3168
date: Mon, 13 Dec 2021 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 17:34:54 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 89 KB
36 KB 54ms
32ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5F49ND4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K665N48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

355dbd55d6b0c58a833bf2dccd44665f768190e11c436de0afcdf996be53cf7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35915
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 16:27:42 GMT

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 26ms
26ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 16:27:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 169 B
142 B 32ms
17ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cadaminuto.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

5bed973be807590dc417b3198008056cd2d5c7f0c1029535ad4a3c11a337d145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Mon, 13 Dec 2021 16:27:42 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ 347 KB
136 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e9b984417245777c6c4082fe1e448e483c183a1ba916b60cc9a8fc78d766e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cadaminuto.com.br/
Origin: https://www.cadaminuto.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139000
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 05:02:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 13 Dec 2022 14:30:12 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1673119859&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Arapiraca%20suspende%20temporariamente%20vacina%C3%A7%C3%A3o%20contra%20a%20Covid%20ap%C3%B3s%20ataque%20hacker%20ao%20sistema%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=744592139&gjid=146440079&cid=283175133.1639412862&tid=UA-10952075-1&_gid=1258168280.1639412862&_r=1&gtm=2wgc10K665N48&z=10855182

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cadaminuto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
972 B 74ms
29ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1853
content-type: application/javascript
x-amz-request-id: tx002dec70dafe483ba85bc-0061adedd1
x-amz-id-2: tx002dec70dafe483ba85bc-0061adedd1
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onq61x2EFmyXqtdH18cdiWxe3SpDoOj%2FCVuLoTeAGLUjK%2FTC%2BuX0cG%2FPXQ6jQ0QWd%2BloDcLg1KD%2FzFr0Mjgy%2BR2XwqjyTaUl6FiPv6j3Z6LPiw8%2FWkTT6Skj5aRwfzfMphakl37b0TtJJKSa"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1638788436623244
cache-control: public, max-age=1800
cf-ray: 6bd08fb709cb83bb-MXP
expires: Mon, 13 Dec 2021 16:57:42 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 2 KB
973 B 64ms
21ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 0b9922446c735e6bdfced02a4522c6092c5ffe5ceac954c9a09e6e8df0b5b030

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:42 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.cadaminuto.com.br
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 274 B
648 B 102ms
61ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 575afcb369fe859a676133a1a0624c3746ffa286fddfc7d2c228b8fad1a80a09

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:42 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cadaminuto.com.br
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 64ms
20ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=59868785143
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cadaminuto.com.br
date: Mon, 13 Dec 2021 16:27:41 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
368 B 96ms
80ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.cadaminuto.com.br
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 349 B
2 KB 161ms
102ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=102532&zone_id=620354&size_id=2%3B8&alt_size_ids=55%3B&rp_schain=1.0,1!premiumads.com.br,9775b4c6-b3f9-4fc7-8ee6-2a0c0863cad7,1,,,&rf=https%3A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin&tk_flint=pbjs_lite_v5.20.0&x_source.tid=3d98ea2f-8943-48d1-95f2-97199081017c%3B40f82a09-9ccf-48e1-8504-b53d2b6d4634&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.1186961313017254
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5becd33a92036d90d10274c26d5d8af2821bbf8297d30d6343133eba6c8b4924

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:42 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.cadaminuto.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 349
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 250 B
933 B 114ms
85ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b7ca5ab62de4c4eef9906aae2ced444ff6df4d3391d9f09d2fa1fbde55503113

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:42 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4350d901-1f58-4baf-a602-08a1010713c0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cadaminuto.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 250
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10952075-1&cid=283175133.1639412862&jid=744592139&gjid=146440079&_gid=1258168280.1639412862&_u=YEBAAEAAAAAAAC~&z=66595918

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Dec 2021 16:27:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.cadaminuto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DFDF 40 KB
20 KB 46ms
27ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR&co=aHR0cHM6Ly93d3cuY2FkYW1pbnV0by5jb20uYnI6NDQz&hl=de&type=image&v=rPvs0Nyx3sANE-ZHUN-0nM85&theme=light&size=invisible&badge=bottomright&cb=y0mtkiembzhl

Requested by

Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/pages/noticia/%5Byear%5D/%5Bmonth%5D/%5Bday%5D/%5Bpermalink%5D.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d146304fec35d9e6041e5da14526fd0a2c478e8941906a1e45fc872d31190b85

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Uv15T1n4+ngC48gZE03i1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 13 Dec 2021 16:27:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-Uv15T1n4+ngC48gZE03i1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20779
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 12ms
11ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 13 Dec 2021 16:27:42 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 600 KB
132 KB 75ms
14ms Script
text/javascript 2a02:26f0:6c00:19c::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/139011/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19c::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f7473a96bc1be6e95e90ef09ea6b40ce3870fd2f161ae995a3a321bcc8d91c25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: 68D8KES87QEGB4K2
content-length: 134158
x-amz-id-2: uNxTA01NWdiZURBxYgluskB4X8fbScnvKJd0ce2ehcsi4iV22U749KBi3Nboszkk9IP5+cEt7dU=
last-modified: Tue, 07 Dec 2021 15:00:32 GMT
etag: "7b6112093da0a5aec2609ebb9befd6e4"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 8
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 13 Dec 2021 16:57:42 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 78ms
43ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20814
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txc977e97c505842c083827-0061adeed2
x-amz-id-2: txc977e97c505842c083827-0061adeed2
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=air9R2tnI0F0zvteD4NIkzIF%2F9Bh2kxzIOCHn2gieMrx0w8fzpCo3Qh%2BqvDKuOiFQduG8ChjHMKBGisY3Ha%2BqNhiG22UAjv%2BbRj8Si%2BbmD26zlL7144yt8NbBnStZ3TgTgsWgN%2B1JjyWi1j4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6bd08fb788080f4e-MXP
access-control-allow-headers: Authorization

GET
H/1.1

200
OK

setuid
ib.adnxs.com/prebid/
Redirect Chain

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7BPUB_USER_I...
https://ib.adnxs.com/prebid/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&uid=2d68b756-8127-4539-8eea-3761646da0f5

43 B
1 KB

92ms
92ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&uid=2d68b756-8127-4539-8eea-3761646da0f5

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:43 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dbb93bb8-37af-4be6-8f70-17685670bdb7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/prebid/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&uid=2d68b756-8127-4539-8eea-3761646da0f5
date: Mon, 13 Dec 2021 16:27:42 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10952075-1&cid=283175133.1639412862&jid=744592139&_u=YEBAAEAAAAAAAC~&z=253843977

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 66ms
43ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10952075-1&cid=283175133.1639412862&jid=744592139&_u=YEBAAEAAAAAAAC~&z=253843977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame DFDF 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR&co=aHR0cHM6Ly93d3cuY2FkYW1pbnV0by5jb20uYnI6NDQz&hl=de&type=image&v=rPvs0Nyx3sANE-ZHUN-0nM85&theme=light&size=invisible&badge=bottomright&cb=y0mtkiembzhl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 09:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 05:02:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 13 Dec 2022 09:16:14 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame DFDF 347 KB
136 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e9b984417245777c6c4082fe1e448e483c183a1ba916b60cc9a8fc78d766e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139000
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 05:02:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 13 Dec 2022 14:30:12 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DFDF 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 07:03:19 GMT
x-content-type-options: nosniff
age: 293063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 17 Dec 2021 07:03:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DFDF 15 KB
15 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 516061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DFDF 15 KB
15 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:17:54 GMT
x-content-type-options: nosniff
age: 526188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 14:17:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 47ms
25ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cadaminuto.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
20ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cadaminuto.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 p_icons_3.png
tags.premiumads.com.br/Content/ 12 KB
12 KB 18ms
18ms Image
image/png 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.premiumads.com.br/Content/p_icons_3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1818878
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 12013
last-modified: Mon, 22 Nov 2021 13:53:24 GMT
server: cloudflare
etag: "1d7dfa8512b0ced"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXcGFwCp2iD0Oc2lmbp8yDfgUABE4QlxYC6%2BLpRHsMMQ6p1egSjjENGtwdKfs8Tv2pQH5SCNRQJn0xOL7yvKVsY5pNNmuOQDAzrVs%2FxNz5g1YtrOpjOHF6kvP8xzbiidkw8hURr12lm2uqKd2jamnQuunQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd08fb868aa4e79-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 411 KB
39 KB 692ms
692ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2955507671154709&correlator=3722546419048790&output=ldjh&impl=fifs&eid=31063915%2C31062930&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=8238562%2CCM_HOME_TOPO_970x250%2CCM_HOME_MENU_728x90%2CCM_HOME_MENU_250x100%2CCM_HOME_GERAL_300x600%2CCM_HOME_FLOAT_580x400%2CCM_INTERNA_336x280%2CCM_INTERNA_728x90%2CCM_INTERNA_970x250%2CCM_HOME_TOPO_320x100%2CCM_HOME_PODCAST_300x400&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=970x250%2C728x90%2C250x100%2C300x600%2C580x400%2C336x280%2C728x90%2C970x250%2C320x100%2C300x400&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&cust_params=url%3Dcadaminuto.com.br%26categoria%3Dnoticia%26subcategoria%3D2021%26link%3Darapiraca-suspende-temporariamente-vacin%26utm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin&cookie_enabled=1&bc=31&abxe=1&lmt=1639412862&dt=1639412862770&dlt=1639412862010&idt=493&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C1122%2C436%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C723%2C181%2C-9%2C-9%2C-9&adks=4133286331%2C2485382941%2C1770566255%2C3598014736%2C4130194835%2C2461792207%2C2400412436%2C3894384703%2C2645550310%2C3638863441&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x0%7C728x0%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C336x0%7C728x0%7C0x-1%7C0x-1%7C0x-1&ga_vid=283175133.1639412862&ga_sid=1639412863&ga_hid=1673119859&ga_fc=true&fws=2%2C2%2C2%2C2%2C2%2C512%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C0%7C0%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

12ad76fb4b3601dd03473fbf2b409d958e1c98874176219884ae67372adc5267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39994
x-xss-protection: 0
google-lineitem-id: 5702783413,4859067739,4839711802,4951009179,5430916931,4847359909,4909761775,5008485737,-1,4739394883
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369588978,138368288597,138347638871,138373904417,138374705557,138354415518,138369513110,138373904507,-1,138375107644
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cadaminuto.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 409ms
409ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f6f7962f61dd8785fe4cc055a6386f1fe3ccd6b8a4e83769091ee9ec91ca9f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11285
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cadaminuto.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 52ms
21ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4647c0b382d507df5fb300be8550276dcd839305772a6bd85ea97f6c0ae533a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8594
x-xss-protection: 0

GET
H2 200 container.html Show response
ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B5B 6 KB
4 KB 53ms
17ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 16:27:42 GMT
expires: Tue, 13 Dec 2022 16:27:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame DFDF 102 B
134 B 27ms
27ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

349ce09d0aceb7ea96173c1d73dec16b8405b89453da98274e098491d9bbc180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR&co=aHR0cHM6Ly93d3cuY2FkYW1pbnV0by5jb20uYnI6NDQz&hl=de&type=image&v=rPvs0Nyx3sANE-ZHUN-0nM85&theme=light&size=invisible&badge=bottomright&cb=y0mtkiembzhl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 13 Dec 2021 16:27:42 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 132ms
55ms Image
image/gif 104.107.161.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=a7d83b0b-ba31-4f0f-a2b8-f79ffa87de50&pageId=139011&pid=152535&debug_metadata=EWHRYZP1LJ&fv=927&ts=1639412862839&f=1&referer=https%3A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 131ms
55ms Image
image/gif 104.107.161.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=a7d83b0b-ba31-4f0f-a2b8-f79ffa87de50&pageId=139011&pid=152535&slot=polymorph&fv=927&ts=1639412862848&f=1&referer=https%3A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/139011/ 540 B
576 B 55ms
55ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/139011/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&pageReferrerUrl=https%3A%2F%2Ft.co&windowReferrerUrl=https%3A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin&page=%7B%22id%22%3A139011%2C%22placements%22%3A%5B%7B%22id%22%3A152535%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A734%2C%22height%22%3A413%7D%2C%22slotType%22%3A%22polymorph%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=a7d83b0b-ba31-4f0f-a2b8-f79ffa87de50&formatVersion=927&env=js-web&netBw=10&ttfb=364
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 04791da198db85f0d288f3fac9723eb0e2e5523183a359aefd1f1010935e0f02

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cadaminuto.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 365
expires: Mon, 13 Dec 2021 16:27:42 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 13 Dec 2021 16:27:42 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 25F7 7 KB
1 KB 23ms
22ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0e4c29899d8162c424a4f130cfddb979bfce21b69885a6f4087cb97e0a6cf7e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bap9BjoXEd+seJIwT+dLNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 13 Dec 2021 16:27:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-bap9BjoXEd+seJIwT+dLNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1110
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 25F7 51 KB
24 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 09:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 05:02:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 13 Dec 2022 09:16:14 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 25F7 347 KB
136 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e9b984417245777c6c4082fe1e448e483c183a1ba916b60cc9a8fc78d766e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139000
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 05:02:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 13 Dec 2022 14:30:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C88 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 13 Dec 2021 16:26:00 GMT
expires: Tue, 13 Dec 2022 16:26:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8B7C 783 B
531 B 18ms
17ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc93131839d7d8bcccf6d001ac6a4e11ffe7a7986a60869dde3267efcac8baff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p/LuhipmlswL2JnTYDc/2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 13 Dec 2021 16:27:42 GMT
date: Mon, 13 Dec 2021 16:27:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-p/LuhipmlswL2JnTYDc/2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 509
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 25F7 36 KB
22 KB 59ms
58ms XHR
application/json 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8fe8677633636b0791f3a04dfc9b99652a51d30bc00092450c34379deee00f2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22275
x-xss-protection: 1; mode=block
expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Di%2526uid%253D%2524UID
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=7545439605706458514

86 B
692 B

20ms
20ms

Image
image/png

37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=7545439605706458514
Protocol: HTTP/1.1
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:43 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 86
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:43 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c1f99f0d-57f9-4afa-892f-86622cc91c9e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=7545439605706458514
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8B7C 0
0 58ms
58ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2955507671154709&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C88 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 16:26:00 GMT

GET
H3 200 canonical_car.png
www.gstatic.com/recaptcha/api2/ Frame 25F7 11 KB
11 KB 8ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_car.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 06:31:11 GMT
x-content-type-options: nosniff
age: 294992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 17 Dec 2021 06:31:11 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 25F7 600 B
624 B 10ms
9ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:52:10 GMT
x-content-type-options: nosniff
age: 506133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 14 Dec 2021 19:52:10 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 25F7 530 B
554 B 9ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 05:44:53 GMT
x-content-type-options: nosniff
age: 470570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 15 Dec 2021 05:44:53 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 25F7 665 B
689 B 10ms
10ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 11:26:47 GMT
x-content-type-options: nosniff
age: 450056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 15 Dec 2021 11:26:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25F7 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 516062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25F7 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 21:19:14 GMT
x-content-type-options: nosniff
age: 587309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 06 Dec 2022 21:19:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25F7 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:17:54 GMT
x-content-type-options: nosniff
age: 526189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 14:17:54 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 25F7 43 KB
44 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq27ccvATOwMIuEpnCGM75Qqhor1SurINBZetrr-ZCjgc7d51dGycICYxKztBN1_k5-RJwqIow7TIDqCnRNAWMxtQkDH4gUvhbmcsEcRReRQVLy-bEepPdiEEK6lJAwQLJ__O5J1tkt-kFmctL4FQ5qKIObrWNKgTbJou4s3CUuvN73mmov-By6iQ7LplmivGWipBQO4T4NeZ1qrlTdkbQSDNz6jgQg&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c44e54b4d766bdf3de931ba731e0b6d19ca81e440f1562d91b44101381d99ee6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&k=6Lff7nYdAAAAAAsH7PjhIx1YPZToneRMIWw0pjVR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44531
x-xss-protection: 1; mode=block
expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame F019
Redirect Chain

https://sync.adtelligent.com/csync?t=p&ep=0&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dadtelligent%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7Buid%7D
https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&uid=f6298c1073558374

43 B
2 KB

100ms
100ms

Document
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&uid=f6298c1073558374

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

Server: nginx/1.17.9
Date: Mon, 13 Dec 2021 16:27:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
AN-X-Request-Uuid: f6b9401e-c3f4-4800-9482-3da91e7f135d
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

Redirect headers

Server: VertaMedia 1.0
Date: Mon, 13 Dec 2021 16:27:45 GMT
Content-Length: 0
Etag: f6298c1073558374
Location: https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&uid=f6298c1073558374

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2955507671154709&bg=!T0ylTAjNAAZKWFskSlg7ACkAdvg8WozmjYYXwEm63rsCT_xrLVTCs6jZCnOJj8jGo4tBMJD4eUdd0gIAAAB3UgAAAApoAQcKAMZDixOKn6Yc0LQYLyk35SVNgV0DCJxM7H45juna71c4vNfVfnqjS83Qtu9C9uuhLKdAPxtdiS3u2tmbyk0o-3sZR1SaV41lOWxAHsaPHxTqeHmbA8sseIxNfVmlNbPwaIB029fEEDnVL-caK-mauBh_87TcmjfU4LHFVKH5z6vD97IunEcqpyD5aleB3xQ3abGbqSTztywhlBlMuHQCBORzQ_G3JqNzhDZPY1aibR5ztjIHTQ0zjXwbto2fCTrbgAw65Q0AJQ2ZAtRi5UZOF5D-Z2vD-c45U4q8HxyWPZOrGWni8FP4f_TdQZE7jDRpjWmTnnhvzAFw976LYqMKqPemNBOziyZIJRSO_sAwf-BOX9RiGxpvMgqW11OnV9bybFpPCGB462srdGHSPfOIJn76H1FXTk3FS6G-InWSpFmvhfUAy9VKExJm_4g2ssKrvIcnYALYwX8DxTqZvMeV49T6yI9AgFN1GFyqOINZBQ9gFIWAzHgFHn7tHdCqUXSTMeMSKx8FNsyTcYDtlv8xULZSfqQUnNAnSAm3PsQT6ZtQz-n7-dWCq87FNY-RNKuMvBtJo-rdMVTfXGs0ngRaaQAtWDTkNaijjYTIN01wDuRdGPOP5hTH_Plv63quF3YT95_kLdUI0T5B-gByA3vYBOdV-5O7kwZZVgKJwoW9BFrjyr6mVJnsuJwtIwKTW_l1JV6dCRbI3C8IR2nCR_6I8qFavUdaHlDCHPDhUU3Sg-iiI9C5-1RmwXfbxeUCCiYhy8WYWxvLXMZpQwS-bpfdz1kdvQVU4Elaq71LyBL56YKdzhU3ffAd7vGlfRzqDSPhb-g8uJdO10UKo07i6Lz_JRwck5QN-_TwKlf_G-mrKmBSNi0vL9mCuLd0UFHOpnzDtmyG5eJ-0-iDzWrR2IKKq0v5op1AeCleTi5QztT26J6sO9GOVNR9cgqvQLtO-AcJxMHUuTqgpx0I4L0ejKWlB_nISnO52msAVzGQ_6EXajvcCEHSuZyF0FSCkxzOWTk4gmoFI1cfNEW7bCqpTuklX3u4vYDn9D3WHho6P9Y9h2hM9uiVrIlDNfCdzi4a4lzl48PnTnvGgnvdI3ir3TZVKgc7QZgvaDsp6p7jMgj4hQ3iVKkQcRuFhKN7fxJFLhX6MGQWKwnBT6_DGZ7XigIsj4FJ4gNb-yTEYtNesfVW9VTl52Xpqbm9IwsiiM1rTlngLxfHqhC6SvZ8I5CKQ-ld

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C632 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 16:27:42 GMT
expires: Tue, 13 Dec 2022 16:27:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3A37 624 B
975 B 40ms
17ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COLKyrsCEM2AjLwCGIC-vLcBMAE&v=APEucNXs4V9yAzSkdGA_eaMMGImup_NXQQrIXSIHa-RRM33DEmcLSitbtPjShQCDXYOEStDrbxRk7b4NfgU4gPAeWuOVvvrNHqxwjOqtg-3S5X7qrg7KvqbrS-lCUJJPjm8vWDeqJJlEmwtE60xduC34z8nrpD8nEg6b006QYoeO3YlkvZN9IkE

Requested by

Host: ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
URL: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 16:27:43 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C632 11 KB
9 KB 55ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsnEuE7JZB7bIT3eX8xI29BsqDaphcAd68nVY85DGSdXZzEQcUDI38cWAMoSeFLFZK3zmDQg8GYukuWBAMjoiLGa4W7ANWqft3QT8ZSVOvSXmfcQDXKVjhSMip-WboPMK5tV0oJu4SZmgjxvyVzezrEwT0hQ&dbm_d=AKAmf-DahMtui-2DD0sKoS_KoNJlk2Sp2-xADDIqsfBWkzSK4PZQyYj89e0pH1zyCLQAYw-mm-0myJ4cN0VGl06xngAPSIEHclnGC3uDk5kqFfPWlfvcD8Dh9t03OnE9TRfgkPEq7Rmo-tEfe-Q65TfPcYQC42vqQMaIQgAqJwCov3PU_ookAdxt3IBydjZ_9GVD6gkfrd2l_2VRqEpfZ77FTFqdI6ivMI-u4Btp8kwsdUemjdo_xTR2J8IaBOBDYU-RQs9qb4O5v9Gc3iuaDdCXmkhro3aWi9-mZa9PPaa2AARwA_w50BaDzroM442pZgQ3DW9XL90Ud0AAmwV6ojjpD4qoApBMMbbzTxiQspy_F017PXeFGotqPBOrg7xw_LxrzGz8wbveankQvjtWlTV09Yj6asZ_ToT-tSP4mFyw9N0Nsnh4DfV6fhkKFxvwIWKB5yNQhjm3M4_U91EXZNuPfDOlTJR6ocMfnq_DgyDx6lHEbnRkLG9WgjJXj8TNgfyeLQSz3f_VeiNQX5NZFh6qB_sjlssJ2VKptjx85qk3Y_I_f-x9dn7ZCx6BIz70rL7V3zGazQVnnzWEAVqo5-kjmG2KJb7KnESmdaxJ36l7N_s5xfM9wcGglAyXLmRipmBvTvvcTa5UxvmhiZDwmVwxcppmGBTm-r574llVHlngkjTVvMVIT7cFfLMux2_jTmL4uOnOeIi7mftjFACflAdx58ch1VgEw0cwsn1m1DdAexKB0S2skJZfR-g6io0HlLLQwKVbGftIztydOvcdGjv3UKX_aJrCl2iiEFbWhQJMwA1keZyEgxIPeej0J1ZhjDwGJImKcVMakKnvKju769ziw6fkQPs4smowvjx6n1L3WdpYAamHcyijYaEqOGwAnxZD6quF1yKPaZAC0lx8SY2k-K4Xpnm2mLGkhbmNqJr92a78r1LcRe-Inw2Ib3pkJMYR9uohAd01kWqvfj1HbM-h8gifRSMb0VV8ctS9QWLzqGn7u8z_QKh1ZRJS_Ysh87oqom1UFLWVU5NidpyiqdP6VBhPxWSHT4awFFMVJgm__aLvpD-AX-u3-e3hXh6ukXZ5hHLBd-wesfv_i_NsOA4j9fHC4HN5NXSF4D1_onTguAFEmHs9_Rs_l09tZVvcKOeAkjZsPHu35vBnNgm8AR4yRbq0i1xbAsOxAwBxU0XlBJ4rs3zL-MYZ8S4KcGBTaWBnqKaYYNk2TEIlLjWA82zpLtF9lOYPrLITRu1vCNtuo652mxsjUSsc0MlzOfrTUViwRnD5UnR_qsfK927k06bZM6hQkJ-txQI4wsMul5mN8pdwraVYSacYDWJUpO5EecPhZtEY822QNk9eJyprmjolLpzlNqi2VD37-rlQzl53zCGFlJlQF65pJmdcb0oBZGM1qp6Oi646mqCoBA45TIwTUqW2vWiKiUIJE7rduqL_f3O8aTmmB6-LwIMNV4xOyc9Gk_FZ4FUWNR-og5j_3_ON2aJiDTvfgrsF1vSTMEixJP8DdQ-Vt6It5G87aSyrCSESCbI1MX1-FHkMC5fmzd_o6emPnKv6KS3P6K7t4oo3BirvoYP5cEQoR26Ynm25doPK5meAc8ZKybu6FtkSzUgB6-h_kvuYNlvOEcrLpkRLELmpYboKxD6gUhRWy_deILEuLjsd4lcqhA16Z52jKsALsNS7gh4qX6pls-GbtnoQFAw2uRcB830AweaSaZR_FGQM2kZv0ZiX6gnvlsglfIIMxmOY2TfQ46y9DYxPk3mrdBtJkAu_mgRKS-ZHyOLVcWsmM3msA1K09xhg3T5MtLGODJJMiFSgDwg3idM5rYOnU951KxJq1dnpR2qpIn1YrG1u8uPL2FjHEERjcXtDv0VXP2hU7ZYiz9aRknoIddygsRWjm32TiVkmKflL6dNldQnZzg_4fDXhqNqHWwQfbEaLiDUbAySDPpyspsu6RYbSEkxqxfhichNLFtFURTSZe9YC8Iz9CXuAewYfYmtF8GvluDoanzuyySkXgY49K0-7GSXRDeGls2M7iyNr9PAlTG08rGZ14MEpVmBBlVYfuoH8to7dg8yLCdk1aArGvwbHxgzTKkmGiMB7aqbcijzlVUuFlZKMvyAETDXA0JHS9pZlN7B0PQ26E-gsRSinx070e5lmF9livPwaYe8YAAzxiQXkYfumfHc7_y7j3xO0YWuiIOjb2R1MqXM2GDpMvfGj8_Z6sPFpiMdxG6Bnwd8qmISbxWhOlxLeDaO-Ll06Qb9BbREJdNHJwip42f8fLYuhYd0ix0b-wpneQEpMS5DxFhRTzrzCRTCDP1wJJGagTYr4m_JTIKny_oQr6uHh5qWDBkQTecX6pa49lA6vq7QRhHTLflxfnwmUyRq4wls7otBiSU-z0v1sYR8LLVPf128dTOoRky5MM5xPNLNSDvz_xOk2raL-cpVfDI5JthPOVBQL3nO6h74NutZpY6hmhKip-ag9iNYnV9rDmGxRtay50Qzi2HStu6nBf8yJ41bFSz9SVEo2hXzfqpbyTRk9NRXmU3Zxx-P1kzvbYvss4TYTVTGUfVtvCPTZoEJ0_oaus9OMo5Qu4j1SZqZ3RDIYLx4n04VGZc1fB9qG2EXSG5jDZ8bFcQS15mzCju2T78MXI-Mre093yKBqgTOF1whKWQS_h36K9tzPqe7VOJ4mu2xhz96G_X7siVBqmzSFyGgq7zapTv38_diHlkvyTiYM2XhPwHnn-QY8S2KoAU9aCY_hXYzsoSoJiopw7klJ2YMpwdq8UcB-PEzbO1nvZ-pJ35AiAqa4UoQrGbdiiZ5UFh61LIKG1d3pp3zrXcqanC0ZSIv2vHV7bufvFBmE4vzUjinIbQchyOokayI7Qkm_UxXrwnPI1D9X8Ciw_IlkXqiKAPwHxpy4tGbp3Be7RaRmengAQyt5edxOKip_Rav3Pdsc_ywaOXxtS8tyjUGLvcdnatS-LLh-YVvjXEM-Iw0TyXphD2brGfhLGfGwzX-NQJmaBMBwuSBPejv4t1VFKVocexjLB53xEjh9K1ejahbU8ROb85WOhVxwpknwgnftZBvWZC0YVhvmQLME9WoGuvFGmUzwBqk7NcKRGp1YhskJ_Qmh_BlyK0LUs-lmUiH5aVy1kk5aeC6Mm-BC&cid=CAASFeRoGnW_vnOYPgytz46hADgY0a1liA&rfl=1%2Chttps%253A%252F%252Fwww.cadaminuto.com.br%252F%240

Requested by

Host: t.co
URL: https://t.co/UZbg9fqRz6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da91800befddd4d71c2a8a949f8e4c3bfe0e5c0dcaeb62ca26b3a3d373d1bd3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8723
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C632 42 B
63 B 40ms
40ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BF_JwLB2CsLII-aTu95wI3irDshZgSBke0095c_PUDReHA0aFHikKV44uN1YWSo-gtIJtuu16RqZo8UckDPEgP_7vemOtwkXFkA4euB5mvgkdWpBk

Requested by

Host: ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
URL: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame C632 2 KB
1 KB 102ms
19ms Script
application/javascript 2a02:26f0:60:88b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=10849334&cmp=26506175&plc=316666526&sid=2787705&dvregion=0&unit=728x90
Requested by: Host: ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
URL: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:60:88b::4469 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 16:27:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:31 GMT
Server: Microsoft-IIS/10.0
ETag: "8f6388f116ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C632 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
URL: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:24:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C632 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
URL: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:20:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C632 0
0 15ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNoQoXh2nqWd0t5H8dQxFc42_lsZi-xz1t0UwopSa_VbTtM1Sw4Ue1ew7SWGTL-fOWeXdNdt2DJvVCIDCwt-e0XVsAEw
Requested by: Host: ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
URL: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C632 119 KB
37 KB 72ms
50ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
URL: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3A37
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4a7m7gk-R8FCXjCZjT9mU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4a7m7gk-R8FCXjCZjT9mU&google_cver=1&C=1

43 B
1014 B

43ms
43ms

Image
image/gif

104.85.0.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4a7m7gk-R8FCXjCZjT9mU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLKyrsCEM2AjLwCGIC-vLcBMAE&v=APEucNXs4V9yAzSkdGA_eaMMGImup_NXQQrIXSIHa-RRM33DEmcLSitbtPjShQCDXYOEStDrbxRk7b4NfgU4gPAeWuOVvvrNHqxwjOqtg-3S5X7qrg7KvqbrS-lCUJJPjm8vWDeqJJlEmwtE60xduC34z8nrpD8nEg6b006QYoeO3YlkvZN9IkE
Protocol: HTTP/1.1
Server: 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 16:27:43 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4a7m7gk-R8FCXjCZjT9mU&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3A37
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ybd0f-5Yk-gC4uLltysiJQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1

43 B
894 B

27ms
27ms

Image
image/gif

104.85.0.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLKyrsCEM2AjLwCGIC-vLcBMAE&v=APEucNXs4V9yAzSkdGA_eaMMGImup_NXQQrIXSIHa-RRM33DEmcLSitbtPjShQCDXYOEStDrbxRk7b4NfgU4gPAeWuOVvvrNHqxwjOqtg-3S5X7qrg7KvqbrS-lCUJJPjm8vWDeqJJlEmwtE60xduC34z8nrpD8nEg6b006QYoeO3YlkvZN9IkE
Protocol: HTTP/1.1
Server: 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 16:27:43 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3A37
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ysTlsd-XrMf39y1ldJSg&google_cver=1

43 B
1 KB

40ms
40ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ysTlsd-XrMf39y1ldJSg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLKyrsCEM2AjLwCGIC-vLcBMAE&v=APEucNXs4V9yAzSkdGA_eaMMGImup_NXQQrIXSIHa-RRM33DEmcLSitbtPjShQCDXYOEStDrbxRk7b4NfgU4gPAeWuOVvvrNHqxwjOqtg-3S5X7qrg7KvqbrS-lCUJJPjm8vWDeqJJlEmwtE60xduC34z8nrpD8nEg6b006QYoeO3YlkvZN9IkE

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:43 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0846b4b3-698c-4bed-8ff3-044c4f06dd69
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ysTlsd-XrMf39y1ldJSg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3A37
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NTQzOTYwNTcwNjQ1ODUxNA%3D%3D

170 B
243 B

23ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NTQzOTYwNTcwNjQ1ODUxNA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:43 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 085a1f06-ecd5-4439-bf7f-f6d24651769a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NTQzOTYwNTcwNjQ1ODUxNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C632 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsnEuE7JZB7bIT3eX8xI29BsqDaphcAd68nVY85DGSdXZzEQcUDI38cWAMoSeFLFZK3zmDQg8GYukuWBAMjoiLGa4W7ANWqft3QT8ZSVOvSXmfcQDXKVjhSMip-WboPMK5tV0oJu4SZmgjxvyVzezrEwT0hQ&dbm_d=AKAmf-DahMtui-2DD0sKoS_KoNJlk2Sp2-xADDIqsfBWkzSK4PZQyYj89e0pH1zyCLQAYw-mm-0myJ4cN0VGl06xngAPSIEHclnGC3uDk5kqFfPWlfvcD8Dh9t03OnE9TRfgkPEq7Rmo-tEfe-Q65TfPcYQC42vqQMaIQgAqJwCov3PU_ookAdxt3IBydjZ_9GVD6gkfrd2l_2VRqEpfZ77FTFqdI6ivMI-u4Btp8kwsdUemjdo_xTR2J8IaBOBDYU-RQs9qb4O5v9Gc3iuaDdCXmkhro3aWi9-mZa9PPaa2AARwA_w50BaDzroM442pZgQ3DW9XL90Ud0AAmwV6ojjpD4qoApBMMbbzTxiQspy_F017PXeFGotqPBOrg7xw_LxrzGz8wbveankQvjtWlTV09Yj6asZ_ToT-tSP4mFyw9N0Nsnh4DfV6fhkKFxvwIWKB5yNQhjm3M4_U91EXZNuPfDOlTJR6ocMfnq_DgyDx6lHEbnRkLG9WgjJXj8TNgfyeLQSz3f_VeiNQX5NZFh6qB_sjlssJ2VKptjx85qk3Y_I_f-x9dn7ZCx6BIz70rL7V3zGazQVnnzWEAVqo5-kjmG2KJb7KnESmdaxJ36l7N_s5xfM9wcGglAyXLmRipmBvTvvcTa5UxvmhiZDwmVwxcppmGBTm-r574llVHlngkjTVvMVIT7cFfLMux2_jTmL4uOnOeIi7mftjFACflAdx58ch1VgEw0cwsn1m1DdAexKB0S2skJZfR-g6io0HlLLQwKVbGftIztydOvcdGjv3UKX_aJrCl2iiEFbWhQJMwA1keZyEgxIPeej0J1ZhjDwGJImKcVMakKnvKju769ziw6fkQPs4smowvjx6n1L3WdpYAamHcyijYaEqOGwAnxZD6quF1yKPaZAC0lx8SY2k-K4Xpnm2mLGkhbmNqJr92a78r1LcRe-Inw2Ib3pkJMYR9uohAd01kWqvfj1HbM-h8gifRSMb0VV8ctS9QWLzqGn7u8z_QKh1ZRJS_Ysh87oqom1UFLWVU5NidpyiqdP6VBhPxWSHT4awFFMVJgm__aLvpD-AX-u3-e3hXh6ukXZ5hHLBd-wesfv_i_NsOA4j9fHC4HN5NXSF4D1_onTguAFEmHs9_Rs_l09tZVvcKOeAkjZsPHu35vBnNgm8AR4yRbq0i1xbAsOxAwBxU0XlBJ4rs3zL-MYZ8S4KcGBTaWBnqKaYYNk2TEIlLjWA82zpLtF9lOYPrLITRu1vCNtuo652mxsjUSsc0MlzOfrTUViwRnD5UnR_qsfK927k06bZM6hQkJ-txQI4wsMul5mN8pdwraVYSacYDWJUpO5EecPhZtEY822QNk9eJyprmjolLpzlNqi2VD37-rlQzl53zCGFlJlQF65pJmdcb0oBZGM1qp6Oi646mqCoBA45TIwTUqW2vWiKiUIJE7rduqL_f3O8aTmmB6-LwIMNV4xOyc9Gk_FZ4FUWNR-og5j_3_ON2aJiDTvfgrsF1vSTMEixJP8DdQ-Vt6It5G87aSyrCSESCbI1MX1-FHkMC5fmzd_o6emPnKv6KS3P6K7t4oo3BirvoYP5cEQoR26Ynm25doPK5meAc8ZKybu6FtkSzUgB6-h_kvuYNlvOEcrLpkRLELmpYboKxD6gUhRWy_deILEuLjsd4lcqhA16Z52jKsALsNS7gh4qX6pls-GbtnoQFAw2uRcB830AweaSaZR_FGQM2kZv0ZiX6gnvlsglfIIMxmOY2TfQ46y9DYxPk3mrdBtJkAu_mgRKS-ZHyOLVcWsmM3msA1K09xhg3T5MtLGODJJMiFSgDwg3idM5rYOnU951KxJq1dnpR2qpIn1YrG1u8uPL2FjHEERjcXtDv0VXP2hU7ZYiz9aRknoIddygsRWjm32TiVkmKflL6dNldQnZzg_4fDXhqNqHWwQfbEaLiDUbAySDPpyspsu6RYbSEkxqxfhichNLFtFURTSZe9YC8Iz9CXuAewYfYmtF8GvluDoanzuyySkXgY49K0-7GSXRDeGls2M7iyNr9PAlTG08rGZ14MEpVmBBlVYfuoH8to7dg8yLCdk1aArGvwbHxgzTKkmGiMB7aqbcijzlVUuFlZKMvyAETDXA0JHS9pZlN7B0PQ26E-gsRSinx070e5lmF9livPwaYe8YAAzxiQXkYfumfHc7_y7j3xO0YWuiIOjb2R1MqXM2GDpMvfGj8_Z6sPFpiMdxG6Bnwd8qmISbxWhOlxLeDaO-Ll06Qb9BbREJdNHJwip42f8fLYuhYd0ix0b-wpneQEpMS5DxFhRTzrzCRTCDP1wJJGagTYr4m_JTIKny_oQr6uHh5qWDBkQTecX6pa49lA6vq7QRhHTLflxfnwmUyRq4wls7otBiSU-z0v1sYR8LLVPf128dTOoRky5MM5xPNLNSDvz_xOk2raL-cpVfDI5JthPOVBQL3nO6h74NutZpY6hmhKip-ag9iNYnV9rDmGxRtay50Qzi2HStu6nBf8yJ41bFSz9SVEo2hXzfqpbyTRk9NRXmU3Zxx-P1kzvbYvss4TYTVTGUfVtvCPTZoEJ0_oaus9OMo5Qu4j1SZqZ3RDIYLx4n04VGZc1fB9qG2EXSG5jDZ8bFcQS15mzCju2T78MXI-Mre093yKBqgTOF1whKWQS_h36K9tzPqe7VOJ4mu2xhz96G_X7siVBqmzSFyGgq7zapTv38_diHlkvyTiYM2XhPwHnn-QY8S2KoAU9aCY_hXYzsoSoJiopw7klJ2YMpwdq8UcB-PEzbO1nvZ-pJ35AiAqa4UoQrGbdiiZ5UFh61LIKG1d3pp3zrXcqanC0ZSIv2vHV7bufvFBmE4vzUjinIbQchyOokayI7Qkm_UxXrwnPI1D9X8Ciw_IlkXqiKAPwHxpy4tGbp3Be7RaRmengAQyt5edxOKip_Rav3Pdsc_ywaOXxtS8tyjUGLvcdnatS-LLh-YVvjXEM-Iw0TyXphD2brGfhLGfGwzX-NQJmaBMBwuSBPejv4t1VFKVocexjLB53xEjh9K1ejahbU8ROb85WOhVxwpknwgnftZBvWZC0YVhvmQLME9WoGuvFGmUzwBqk7NcKRGp1YhskJ_Qmh_BlyK0LUs-lmUiH5aVy1kk5aeC6Mm-BC&cid=CAASFeRoGnW_vnOYPgytz46hADgY0a1liA&rfl=1%2Chttps%253A%252F%252Fwww.cadaminuto.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 23:38:18 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E96E 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 12 Dec 2021 23:38:39 GMT
expires: Mon, 12 Dec 2022 23:38:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 60544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame E96E 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 16:26:00 GMT

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame C632 55 KB
18 KB 21ms
21ms Script
application/javascript 2a02:26f0:60:88b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=10849334&cmp=26506175&plc=316666526&sid=2787705&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:60:88b::4469 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 16:27:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:46 GMT
Server: Microsoft-IIS/10.0
ETag: "08517fa16ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame C632 2 KB
1 KB 321ms
94ms Script
text/javascript 204.154.111.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_606871654605&jsTagObjCallback=__tagObject_callback_606871654605&num=6&ctx=10849334&cmp=26506175&plc=316666526&sid=2787705&advid=&adsrv=&unit=728x90&isdvvid=&uid=606871654605&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=96&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTar9EEADTbpTauTau26%604g__7a_5gh7_d5fc%60b_643hg73f54%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=3.90&callbackName=__verify_callback_606871654605
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb07.doubleverify.com
Software: /
Resource Hash: efd08389bfaebe8d7310b30ce5a03b74bfcfdeaebb9ccdd2735745d2d6cf83da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Mon, 13 Dec 2021 16:27:43 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 12/12/2021 4:27:43 PM

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E96E 0
20 B 44ms
44ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtVZjf3S3YeOZEcDb7_UP9MSdsAUAAAAAOAHgBAI&bg=!4eKl4qbNAAZKWFskSlg7ACkAdvg8Wm9coAXrJl9k2CLEd1o_aBDV1ef5LX9q1XnpAXG2QxEEMOJmmAIAAABMUgAAAAtoAQcKAFCZujG-Ze7CqnlEwegqNnMyXk3xN1i9P7KHx7w5ypzCSb4a4zcFok4v6lIMXMcdOQDa02wx_bo5owkBAUkZdXuJZRwzu6XNcAblZQMvqiT7L5kDC6LkA-TgwMOGJ6S7hkgRH0Vz-sr9tfU4Ur7Bre1YVyf2o5mR4LQKA9tPnWJ_yKyo4RBcwoCU2QwkfIotnntyqG35phRshE-GNoywZN20wePY1LL9HkRTgnpAWSuFHNPIYDcwaVBO68gdd68pIm0ia4pV3unfZou7J2CROvxeKcDsr008kT1-jTigHl61tL36idwwPbvxRnX9xZQFFTDWl0MV69MTb7j8mgL-rlgFj2GWM-vem-nnX5pzUSdWNKnX4wkcFnwSmrYQ1FmknkAuWb6Me4nk4gjQLXaXeJzDkPuQz7KxHhKMdCrs3MOXzek1nxmBYteJ77K5VTyWklB4DK646pHNZPX825aCc1yAousT0KcKVyblvo4-SnrJdEhlNfbpTPrFW-R26dY5ZGVC6F_-qYyQ1Gs_wkTvblq7FXUo9WT0ZwjdDzRG9ThckkCJvzByBsnN9uPNj1pNUMtsIpeGb8EgHnJBHKnnW5C5GCTw3iGAWeDQL5T6lnr6z-TfHljMkko54FVWi1FVIAmAhnYSLGw_ZGOEBt4m5fMuoioONmSaTxuICd3GEgFYeInFevpOiPddd-6hKWhSKCXNUr5bLIU_clyVZanieZ-QIZ8ECCSo87K432I-VNXV_mpFD34PWFb4Je6PIeNAo_eksMOli6wSdzR3hc691IBtwaGxkIm2TGmn0o2ETl6GBsnGTuIQomQzIdFbEni8UQiz3k8q0avHtZFzcdp3hEe6Jbc141_EaQIlPDI1zIeYCmybY_PLh4hD6l6bsR5rgBCGT6XqIBYVSC5f8lijxME7URzdGBrIvUCFmyoLqXnC70A2rTrmfw3Mj-7Q_KcWnVFPevC9_fmcdYh3cnV_Ky5UgwLZvsMEfOTWoAz_YOGAlQRFdbVRz1YhnLzjnwlYPy-wxq9UhSFYsRrxiEcfk7ooFSlWG2sndoq--FL9VxZpyEa0Cob0R3xMeCyn2hcpSdipZvlMjETiUV1DYWHFle072r1z5cjyO625WAcGwUi14tl5_4TgqDA_F7bFSDar

Requested by

Host: ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
URL: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C2A9 0
0 44ms
44ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZsdsLli190235LhhKvd0zi7xllwz2YdhqXD8JEnzkiumOPioIdCU7NGmBka5Ibdj9bdcjfCV6ybKRhr5Qj7C4BXlYiBztaI8QE9SEAIlq6kbAZ3OUj-PlcdA4SSIYBidZaYnp_2O1gp1Ja-B1bvQaaOXaNhsNZIaFxmCMCvVzfayuUlC3gs4tRf5Gu3JTTBoBjjKGilFca92OWUJBzpv1C_nL090tusxlFMtMuloCbZFJuT2qrMzYOZIdZKn73DLhhgknWgf9OifIzrtPUhaz5IGKAV-0k-TajrZmKwL0S5GvN1dcgQ3poUjFrwHqZkcE&sai=AMfl-YT4RzTfhqeWauqMc7iP0vj_nYdST7tZhse7tlfNoRjUF805g8GyGee8aeWkyFRqzqbhdX746TTtQO-zI8iTfAYBkn51bc5rwrycyRmUSK2KOafbm4PbGi_uVv2_UGBm&sig=Cg0ArKJSzDi2h4paWzqJEAE&uach_m=[UACH]&adurl=

Requested by

Host: t.co
URL: https://t.co/UZbg9fqRz6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame C2A9 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:24:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C2A9 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:24:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2A9 119 KB
36 KB 75ms
75ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C2A9 0
0 16ms
16ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEDzuCPp2FjhQ1V1msvwWrHod_JuA8fonUT922hQIN2bAOTcpQ4SrjEV8o94DHsuznnGyg9qG7tN69xvqyOiYgtrO_Vg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 15863593642330723117
tpc.googlesyndication.com/simgad/ Frame C2A9 129 KB
129 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15863593642330723117

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e873ac7aff4b933ec608556a1e2a39d7ac230628a8ba194fb12523d419801e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 12:43:42 GMT
x-content-type-options: nosniff
age: 13441
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131754
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 19:31:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Dec 2022 12:43:42 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EC6C 0
0 42ms
42ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYI-H-6C1dTH4RsLPEDU2nrqn8wo9yUUvl2bU8IBVwffsuewxdJYEhJ3Qmd5Z-VUF1GlsOlFfvpVESu4HI1sJc7cgpVfjw2iY_EDmIrunGV9qmuegQqUhmM5eoRRMeYrYpQeWu-dx6uyDcwIxq_C-uhiRdgDFdEerY8n9CR0hAlRZ6Tyua2N_XyzPPVmJLr-dl7GBrfGAvgdy12aeD_EyUIa2fgi0a4_E2GhNdTE792NNZypqG5z4RVcHdns7gFYtq4uSoI1apefSi2rWUFrAwAXWWS7ZruMdfHtS2KxouQKdxHKhZtQYnB4jHaxy43w&sai=AMfl-YS2CbkdlNCnJ5qIk6HlC7pz8tsIpMncGk_CryDSTCU-wOj4Oi8P7by9XyX6S6w5k8M3WGa32P3y81vY-sXuCKYvjJcNeGGI2gadGSgtfu7Yvg5ZwtPcZpQPiR7OTKNJ&sig=Cg0ArKJSzP0NFdm7bp3XEAE&uach_m=[UACH]&adurl=

Requested by

Host: t.co
URL: https://t.co/UZbg9fqRz6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame EC6C 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:24:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EC6C 2 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:24:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC6C 119 KB
36 KB 84ms
82ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
H3 200 3769413877712074457
tpc.googlesyndication.com/simgad/ Frame EC6C 116 KB
116 KB 31ms
29ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3769413877712074457

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

113e30ed7d62f56a8334877ae0bba2f6bcff38c46eac9ebb0bc482d1a5b222e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118637
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 23:24:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Dec 2022 16:27:43 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C2A9 0
0 42ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE1NfA9E5sjANhhpOb_fPS7Y70-YPt0N64dd7RfeXGqjb0wRNOUjYRuF9DYcveos7kEc-NQOxY8VYUO_XhYP2mEVsZVxaywXhdzfCtfMUtfGhERfXcM29einMjJ76lGzhRvEUqGDaF1L04Co4qwUTHHtK5GCfYHe0VlRBxg00ePDpXdeW3lGzmkkI5JT43iZCTse_RqV5OsZGJdGAQj-zjTWEuWoYyp4KGmOrH2VS-OFTrrPPwq6R5CMy7blovGfCeiexbMbOeiWlkquWuKXlPvFwCg-xoj8Zq6-LyXQ4RWafzHsVIUz_ezGUYLZtkN43C-_A&sai=AMfl-YSNeFlZ8wYXI0UFu1apOVq7ejDID6vBTxcWu-X1NzID1xxNQe_-UmkBauvN3MgiWz2F1EB8aI7fBnuxv19TJWgm2uMLPkPLOuDMdW0SX79shjMAYGTdVifCSiZYHZdN&sig=Cg0ArKJSzGVL8I1OREEiEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
DATA 200
OK truncated
/ Frame C2A9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 474118e144accf0ada7019e2a2abe64085b8f8c84589c978a375ea453297fa0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 iframe-thin-local.html Show response
audio.audima.co/ Frame F0B9 2 KB
1 KB 170ms
146ms Document
text/html 2606:4700:3031::6815:5b8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audio.audima.co/iframe-thin-local.html?skin=thin&statistic=false

Requested by

Host: audio.audima.co
URL: https://audio.audima.co/audima-widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:5b8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bec953577ff611fc61ffa29cbcdbd12d0f025c4ec418bda8e36918e7f5930a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 11:57:40 GMT
expires: Mon, 13 Dec 2021 20:27:43 GMT
cache-control: max-age=14400 public
pragma: public
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6%2Fm9z8b6kcC%2BpFi83uDpph8r43s8%2BargLjus887kx0eR2eTUqwCBd2%2B3QZJAlDtxfo%2FSnTpG5zzfHXS6REzJ7dAhzF3u1vcEeduHkxA29s1rUK8aS5%2BUiJxkBiidvgTXqoAzC4GhecuVqeEwQ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bd08fbe2ab7375f-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EC6C 0
0 41ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsw6hfjPlWzeZTgtPzkLgytgn3CUY4CXtZMCBorANRdxn5m0RAejWF2mez_0kDvPGPDSOAVSFYKVfRtwLICGHFntIngwOLK3kf6u5PhMqPONZHRU0YD4t9Ej9dnB8y3--N1rCpJQ15XCxDGo-nlBSzWNyB9oqGUqmalqWmdEz2WR76bKyf3KF2DEp4hM6Pcu0HnQMmr3wyxIsPYjYd3WxDaMa57BGltN_dFL3hDQsgQgSsZuQpzb7FzTRxUXVcJ8_zE2LvWC0_Gpnb6_le4UI7PbM4dX4SufeNkvPILAMUNTwBIcQ6D0i0bc-B6r7G2OI2&sai=AMfl-YRlpWmVnc5wX8tINLNpw_z7RKuQV2E4A6rkygVMeW47OVv0ULluMBv4GTIaSZAOCxE-1gOwUQVn3tHBPuH0x9fnxZoAsOj75jJs9miCrB3RhMtL5rrz9gK0Gy_SWuVP&sig=Cg0ArKJSzAJa783QJcjaEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
DATA 200
OK truncated
/ Frame EC6C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef6755f4325220e4fe3e9b785e24e416ab4b98adc1757ac5648d838a9a9ca90b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 520 B
0 1227ms
1212ms Fetch
text/plain 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcadaminuto-comments%2Fdatabases%2F(default)&gsessionid=N71xYBM86xoQu5MU2VglbWe3vXsauPMM&VER=8&RID=rpc&SID=w5XpeYlRl6hvuQPQpx6qbw&CI=0&AID=0&TYPE=xmlhttp&zx=9v7ebqepz0q5&t=1

Requested by

Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/pages/noticia/%5Byear%5D/%5Bmonth%5D/%5Bday%5D/%5Bpermalink%5D.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.cadaminuto.com.br
vary: origin
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0

POST
H/1.1 200
OK bsevent.gif
tps628.doubleverify.com/ Frame C632 807 B
1 KB 306ms
89ms Ping
image/gif 204.154.111.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps628.doubleverify.com/bsevent.gif?impid=8cf0fdc87dfe46599105e10732ddffda&vfdur=322&cbust=1639412863714343
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb07.doubleverify.com
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 12/12/2021 4:27:43 PM

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame C632 9 KB
4 KB 7ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 17:17:15 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame C632 41 KB
17 KB 7ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 15:45:48 GMT

GET
H2 200 B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=2857193491;ord=pmjnvb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.cadam... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame C632 44 KB
22 KB 76ms
52ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=2857193491;ord=pmjnvb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.cadaminuto.com.br%2F$0;xdt=1;crlt=1*U0FdXf8r;sttr=19;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

a4bf55ed543cabc1258e643b862f5c35ffbe2186910eb67f4030f482a0680cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21636
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame C632 8 KB
3 KB 7ms
6ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=2857193491;ord=pmjnvb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.cadaminuto.com.br%2F$0;xdt=1;crlt=1*U0FdXf8r;sttr=19;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:19:04 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C632 0
524 B 82ms
44ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmSneB9gsZRIhYWLCbvUKtO6Xdlx7N2J5G7B9ugKNB7BZmA0hT8WIe0ssS-owrtbbHahj1NVP-YmxlOA-oZSNr3NzL_Yot1lV2wSRJjbjw0_ixHtJAIp18SeUPbBe7I8_GglbghWgsPlu2SzLZpDkbbxLHnyNe&sig=Cg0ArKJSzP1n6yrVIZXsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211207.68695&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame C632 8 KB
4 KB 20ms
20ms Script
application/javascript 2a02:26f0:60:88b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=505362318&btadsrv=doubleclick&crt=156804616&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=2857193491;ord=pmjnvb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.cadaminuto.com.br%2F$0;xdt=1;crlt=1*U0FdXf8r;sttr=19;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:60:88b::4469 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1e3126f4b1713295ca3a4510ea8a6be422cfe78cc9603dc8351818edcc6a1254

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 16:27:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Dec 2021 14:09:11 GMT
Server: Microsoft-IIS/10.0
ETag: "801dd2174ebd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 17721130591974731406
s0.2mdn.net/simgad/ Frame C632 69 KB
70 KB 31ms
8ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17721130591974731406

Requested by

Host: ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
URL: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 16:56:46 GMT
x-content-type-options: nosniff
age: 516657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 16:56:46 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BD17 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 12 Dec 2021 23:38:39 GMT
expires: Mon, 12 Dec 2022 23:38:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 60544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C632 119 KB
36 KB 28ms
28ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
URL: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
DATA 200
OK truncated
/ Frame C632 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e70d22dabd1a3c5ce0437439b3fd81b78c60d941dad64005d41d5b186e9a464d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 iframe-thin.css
audio.audima.co/ Frame F0B9 10 KB
3 KB 45ms
44ms Stylesheet
text/css 2606:4700:3031::6815:5b8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audio.audima.co/iframe-thin.css

Requested by

Host: audio.audima.co
URL: https://audio.audima.co/iframe-thin-local.html?skin=thin&statistic=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:5b8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee358310b5136f91e8a325a9edd8b997a1f932324158f0f0372423bc5018040

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://audio.audima.co/iframe-thin-local.html?skin=thin&statistic=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8072
cf-polished: origSize=9923
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
last-modified: Tue, 16 Nov 2021 11:58:28 GMT
server: cloudflare
etag: W/"61939ce4-26c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dee2RP5E6TI7jabWMYtWcJHoyjVPhG0a9Gw18LK%2Fi%2FMLQYmliqKO8RdGikTSd%2BzfNnuF51q02yn4riTva1xm%2Bue2VpbfBUa61ypinCDv%2FRAhimJrfTeyeIqMFKN2ZuUK%2BvJTRRvSnQe%2BmA2X78w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 6bd08fbf5da8375f-MXP
expires: Mon, 13 Dec 2021 18:13:11 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ Frame F0B9 69 KB
11 KB 71ms
33ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Requested by

Host: audio.audima.co
URL: https://audio.audima.co/iframe-thin-local.html?skin=thin&statistic=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://audio.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 335703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10277
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1137b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciCsiZUl2h2yTSmP5aMTat%2BpbX1d%2F2q%2BAFqbBc8GzW2OzvuBRzUbVC8P5%2BolCCIsaAEHaQkUvilC6%2BVAQ6COWIGL0%2FgUMYyDoKxgKjhigyv9QlYwi5A80%2F1Iay3CzA9Mze4zAZ979UPp5ipA7TVxdGFu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bd08fbf98d7375d-MXP
expires: Sat, 03 Dec 2022 16:27:43 GMT

GET
H3 200 tts-player.js Show response
audio.audima.co/ Frame F0B9 35 KB
14 KB 27ms
27ms Script
application/javascript 2606:4700:3031::6815:5b8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audio.audima.co/tts-player.js

Requested by

Host: audio.audima.co
URL: https://audio.audima.co/iframe-thin-local.html?skin=thin&statistic=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:5b8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d0a4bdc96c431bc57e293029d1ccc94aff164021fbc3942e38b3d4df43d282

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://audio.audima.co/iframe-thin-local.html?skin=thin&statistic=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7654
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
last-modified: Tue, 16 Nov 2021 11:58:28 GMT
server: cloudflare
etag: W/"61939ce4-8c6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8ewOUjoP%2FyHv7Cjyp6Xkm9bZHdg2mIBhTEa%2BosD8v0ZfwhyIv4JqGh98GDKAoTFNV%2FBIJl74O5Q%2F9tkzXiRcjQ45kuI2bJIyDPEXKI20wqQ5OFJbrUmWaF8ld5hRNoj5Oel6r8VdjoiWQTB8YM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6bd08fbf5dac375f-MXP
expires: Mon, 13 Dec 2021 18:20:09 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C632 0
60 B 43ms
43ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dv-measurements1940.js Show response
cdn.doubleverify.com/ Frame E64E 490 KB
89 KB 26ms
26ms Script
application/javascript 2a02:26f0:60:88b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1940.js
Requested by: Host: t.co
URL: https://t.co/UZbg9fqRz6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:60:88b::4469 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a017571443bb27ca29ee2d9221639df656b0b5f3b0f370fc68aac31fa98ef30c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 16:27:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Dec 2021 09:41:32 GMT
Server: Microsoft-IIS/10.0
ETag: "02ee99d4eebd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91098

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame BD17 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 21:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 21:37:34 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame F0B9 5 KB
676 B 31ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap

Requested by

Host: audio.audima.co
URL: https://audio.audima.co/iframe-thin.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

646258c0e3b709edb3aa4489aa142ef62cdf4cfa7a7ddbc7c7c752b10ace2831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://audio.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 15:42:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 16:27:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 16:27:43 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E64E 3 KB
3 KB 63ms
13ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=85&ttfrms=19&brid=3&brver=96.0.4664.93&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTar9EEADTbpTauTau26%604g__7a_5gh7_d5fc%60b_643hg73f54%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=621&ddur=21&uid=1639412863993327&jsCallback=dvCallback_1639412863993415&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1940&tgjsver=1940&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&sdf=2&dvp_epl=247&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=156804616&btreg=505362318&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=7561475275.198905&dvp_tukv=38878431.479491666&dvp_uuid=2216853080.1627107&dvp_strhd=0.3000011444091797&dvpx_strhd=0.3000011444091797&dvp_tuid=988846406889
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: dc3e6fd5d8163e461f9d70fa542f4e3d05b0dc9134e70b144fc5a724ef67c0f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:44 GMT
Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/javascript
Transfer-Encoding: chunked
Expires: 12/12/2021 16:27:44

GET
H3 200 535308d8f2af97fc03b61ad2de3c26b7.png
audio.audima.co/img/ Frame F0B9 2 KB
3 KB 25ms
25ms Image
image/png 2606:4700:3031::6815:5b8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://audio.audima.co/img/535308d8f2af97fc03b61ad2de3c26b7.png

Requested by

Host: audio.audima.co
URL: https://audio.audima.co/iframe-thin.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:5b8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ad12268da77c77a50ec33f5771a9ef64d33d53335c03a23b3d459be4544b5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://audio.audima.co/iframe-thin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:44 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8072
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2386
pragma: public
last-modified: Tue, 16 Nov 2021 11:58:28 GMT
server: cloudflare
etag: "61939ce4-952"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BdSbjRVrHI%2Bv08rY1xSFt16luosMjVGF5vNKJqOeF2pXbv5gqF%2BPEjztxgwfbC1rOYKnlzG%2Fa4w5BJ8BUvXseHtRGUW6Oe4Ksjtgl3MNJ2B2rrpGZUam8UskfsEGsuwqEjIJ5dbIfbpUk9B5dg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6bd08fc02f6a375f-MXP
expires: Mon, 13 Dec 2021 18:13:12 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ Frame F0B9 74 KB
75 KB 52ms
29ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css
Origin: https://audio.audima.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75728
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-127d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fPz2%2B1bHKnw1m0iGP%2FvoA4cQ55O7ngx51hFN%2BKzc92uJVhMexyKF3cvwvTmU4Ru0%2B4Sh6CiyuFqOyB%2FMohDeTW8w%2Bi0fjE6kxRKRamSXVADxopt0LVBYMEW9psy11yRLjx96rOFaTQj5JESfBMZvCkc"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bd08fc04cf659b3-MXP
expires: Sat, 03 Dec 2022 16:27:44 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame F0B9 44 KB
44 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://audio.audima.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 268542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:52:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD17 0
20 B 44ms
44ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfBuLf3S3YfPyL8yDjuwP-vaZqAsAAAAAOAHgBAI&bg=!KCulK2_NAAZKWFskSlg7ACkAdvg8WpBykFHdAl5seJdb83fqPUYzxbcTJfVpjGd_B8gBjeUJNejH2QIAAACMUgAAAAdoAQeZAw7veFoLcStoN6SKlSnRdp-T32vbbXktE-1HxXoaOVfHcQ4rXyygvfhSSdu0qvu201G7WrGbcMGOSBJJVjBqlcmzZH13Ma3ZiSTdajcV-SCdsBTO9Tq-8BNpny43aHmtoj5KWgMPK47SUMqBooM-2vQjqeUwyL60dNUgN8VZGEFGedk8L7Q_1H59HGdtjXhqZDcWscj3S4B8twHBqj-L2kfzkmpFR7WOvQBddZjEyPBtunlEsj-pFv22Ko8uPqUZa83KWDuKnHsXPbM792VCSZ8kfgnujZ27e2i5OEDObw_i2nj-IHUW77wfeqiqjUL0m7Dvz095iUE2w13EAqfRiK8psO_fEB6sxmWBjlVV98IQ6KP2Wr1hr7e8c4idsyWhL4rqswoUNOcoiVVPgSA8oS_xskwlvDFBaHuSk2Ra5qYoZf4BeMXOFhhMYI2PDbimqXMf9fwhovcoaJvIwoANcQkEsoM3vUaArw9mT5CFTNo3KfI7xCCKJRANO_Ex3o_ud4Otd6SKS0By3IadDOPKRf5I6LOZiva1qcwk_3I1v94F6wVTARtvpg9KqIidQwqk-VqxnqZWS7XRoWXY_0CKBI98Gfpoye2HWAiKu1THXA8J65_h6ebMEzxXaWevHwEE3WreaGFNxfUheLB2ckCaK27g8b6JZvhNI2cRAJWbQgY-gEc2wttD67YslaM_MLw8PMG1N5owbyBnT65cj-sj9PwRVCBKvqY7TxNj9jJoFs5xvkGCnsd2EY01oMqx--b7hQdUsTGehphFz9Dwq30xXaNk3Vg3HD_1W0SmQnkZOgEhLbykQvWLtvI8NoXnj5QCdKHEbg8ARgusldyBP4cSlobU625BI1ZTOheDeFBLB6LAlpWSBIyzrEDtG2__mt7UvsvbZCDly3eS0naU0zZ6M41bohXz6agtbbujBOM1Q5eS8RYfU_Eg59lEcZRCGz-EL6gkF5Ihx3AF4SPDyFaNIoCjP7PfQuSj3eR6tIOpAe0j1YiKuzLSo9CSPWm2zMo3ir6Rn-BZ1XLlS-OvHfTuqw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dfp_frame_new_google.txt Show response
audima.co/ 1017 B
1 KB 490ms
423ms XHR
text/plain 2606:4700:3034::ac43:de16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audima.co/dfp_frame_new_google.txt

Requested by

Host: audio.audima.co
URL: https://audio.audima.co/audima-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:de16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

789cee8b1b73c116de5e34fd53cde9eab8a768411bc9231731fcc6cab753f9d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:44 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: PUT, GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Nov 2021 19:18:32 GMT
server: cloudflare
etag: W/"618d6c88-3f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGmn7uFJ%2BjP%2BZkhX0LWIAxg%2Fe53e79GIsjM4SU47OSVq5Fqo%2Bp7rsSj1TH3l5sHrtHNBZ3kwB2wA8xezINjHnT0RY2NUQhnpBSPSmbJ5zn7Ak3BZXNGDZR6xR2l1fQNwYY2ClWg6faY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: *
cf-ray: 6bd08fc18ff63754-MXP
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2A9 42 B
64 B 40ms
40ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLBri3O5GYES_lnSfX9UBZFc3Ct8fqdDv4glPnVnLo2PKdqqpVdjdDM7zSFVp4-qlG2FTbD-SNLTdSy0aF-7T-4PPjH9omDyMdXlrsVdcKufM8Lm57&sig=Cg0ArKJSzFlJRP7pptY2EAE&id=lidar2&mcvt=1001&p=723,1122,1003,1458&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2461792207&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639412863499&rpt=120&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 40B8 78 KB
26 KB 15ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: audio.audima.co
URL: https://audio.audima.co/audima-widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1069 / 58 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 16:27:44 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC6C 42 B
64 B 40ms
40ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9WaWLcTG-hQTNUj0xmBzz6T4-WsqKfj6zArC4ZpxekkgBDKSnhFzbklCCL9vehFynHDbdYcNa1A-Elc28X-fhVA9wp1fCa5nn66Xx7nINV8eIbvCL&sig=Cg0ArKJSzJYzBpcLUVlqEAE&id=lidar2&mcvt=1000&p=136,436,226,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2400412436&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639412863507&rpt=171&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 40B8 348 KB
117 KB 18ms
18ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 16:27:44 GMT

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
50 B 214ms
214ms Fetch
text/plain 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcadaminuto-comments%2Fdatabases%2F(default)&VER=8&gsessionid=N71xYBM86xoQu5MU2VglbWe3vXsauPMM&SID=w5XpeYlRl6hvuQPQpx6qbw&RID=29434&AID=3&zx=2a1c69tx8lfb&t=1

Requested by

Host: www.cadaminuto.com.br
URL: https://www.cadaminuto.com.br/_next/static/IGcFWnQaHAGsMya7CpUD-/pages/noticia/%5Byear%5D/%5Bmonth%5D/%5Bday%5D/%5Bpermalink%5D.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a705940924a834908c31f9447b78380ffd2ee23021049c43d18088de246ab054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.cadaminuto.com.br
vary: origin
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30
x-xss-protection: 0

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 51ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Dec 2021 16:27:45 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 272B 11 KB
5 KB 71ms
30ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.cadaminuto.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2313
date: Mon, 13 Dec 2021 16:27:44 GMT
content-length: 4683
strict-transport-security: max-age=86400; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 60ms
26ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Dec 2021 16:27:45 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 272B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=cadaminuto.com.br&sn=ChromeSyncframe&so=0&topUrl=www.cadaminuto.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=lLW4unxIZW9uUmxpdStNb0pmS1FRb3ZUcmhhSDdndUpudEUvVWdPUlFtMlovSHd0Y0UrQmNvT05jZUtmRnFhWmVMMEhSUkljMlpwRVFjSU82VlZiV1BPVVRYVE15czBxVlZkYlA5V25iMDJFUjQzbmYrU0V3K0VpVjRBYT...

438 B
631 B

49ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lLW4unxIZW9uUmxpdStNb0pmS1FRb3ZUcmhhSDdndUpudEUvVWdPUlFtMlovSHd0Y0UrQmNvT05jZUtmRnFhWmVMMEhSUkljMlpwRVFjSU82VlZiV1BPVVRYVE15czBxVlZkYlA5V25iMDJFUjQzbmYrU0V3K0VpVjRBYTVMWnRBWG9pcDArZGh6d3RZMlJkS2FSaURGVGwzN2VsZTJjNitOR2YrYXplZ1pnamxHMlVFVGJKanBTbCtJMGRwcmhES2tzcytEYVVmUm5lZU1IWXNhNWJ4cWxyckNhbGFoMUQ1T3lCQ0dBbmZmbnA2bUQ5RGpHa3pWaUkvL0VYODRVNGdYRFA5bmNJZlRpTW9VcDVUVUliR3FEOXRrZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

61e68754d7f0d50875df26b44faa8f8a82d86be719de23fb19319dbfe5dbf296

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4283
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
strict-transport-security: max-age=86400; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=lLW4unxIZW9uUmxpdStNb0pmS1FRb3ZUcmhhSDdndUpudEUvVWdPUlFtMlovSHd0Y0UrQmNvT05jZUtmRnFhWmVMMEhSUkljMlpwRVFjSU82VlZiV1BPVVRYVE15czBxVlZkYlA5V25iMDJFUjQzbmYrU0V3K0VpVjRBYTVMWnRBWG9pcDArZGh6d3RZMlJkS2FSaURGVGwzN2VsZTJjNitOR2YrYXplZ1pnamxHMlVFVGJKanBTbCtJMGRwcmhES2tzcytEYVVmUm5lZU1IWXNhNWJ4cWxyckNhbGFoMUQ1T3lCQ0dBbmZmbnA2bUQ5RGpHa3pWaUkvL0VYODRVNGdYRFA5bmNJZlRpTW9VcDVUVUliR3FEOXRrZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1778
content-length: 541
expires: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 40B8 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cadaminuto.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 40B8 107 B
122 B 33ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cadaminuto.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 40B8 28 KB
12 KB 306ms
305ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3685321002812777&correlator=1663250867233606&output=ldjh&impl=fif&eid=31063915%2C44752540%2C31062931&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=21831561254%2Caudima_player&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&prev_scp=grupo%3Dcontrole&cookie=ID%3Df348703a979d62aa-22678acb06cd0050%3AT%3D1639412862%3AS%3DALNI_MblKgibY52t7FrDoIBfNBe2FkDYsw&cdm=www.cadaminuto.com.br&bc=31&abxe=1&lmt=1639412865&dt=1639412865251&dlt=1639412864167&idt=570&ea=0&frm=23&biw=1600&bih=1200&isw=320&ish=50&oid=2&adxs=476&adys=2507&adks=1676076149&ucis=d117wi8kktkw&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin&top=https%3A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x50&msz=320x50&ga_vid=283175133.1639412862&ga_sid=1639412865&ga_hid=729381303&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

cb19ebdeca811fb2873e05827caa88cf76251e2d8fd1149008c2512a8e141800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12432
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cadaminuto.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 40B8 11 KB
8 KB 22ms
21ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8e9af80a7117292b028470d0240b91522e74ee054a48151e6554f8aa1b2d02b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8594
x-xss-protection: 0

GET
H2 200 container.html Show response
b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6CBB 6 KB
3 KB 41ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 16:27:45 GMT
expires: Tue, 13 Dec 2022 16:27:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 40B8 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 13 Dec 2021 16:27:45 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame DD68 2 KB
861 B 9ms
8ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

acf5a8ec1316a73cfe9de3fce899c49d2e770bd8170a5e2017b445dd424fdd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 778
strict-transport-security: max-age=15552000

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ECE1 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 13 Dec 2021 16:26:00 GMT
expires: Tue, 13 Dec 2022 16:26:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8180 783 B
534 B 18ms
18ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

71155c62fa97e8e38e2ba4eaa47d56563d65129d2d05420cdcdd0bc3efdcf9bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-usYSLCls9miD3e6qLs8QOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 13 Dec 2021 16:27:45 GMT
date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-usYSLCls9miD3e6qLs8QOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK setuid
ib.adnxs.com/prebid/ Frame DD68 43 B
758 B 18ms
18ms Image
image/gif 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=onetag&gdpr=&gdpr_consent=&uid=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a143ea84-0d98-4b49-a05f-fed131e60f33
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame ECE1 35 KB
13 KB 8ms
8ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 21:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 21:37:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8180 0
0 53ms
53ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3685321002812777&rc=05ABBMTcMwyuv1fC6Ck-PGkihYRJjzORVKVd2qDTG6OsI3uL0NNy_WVk6QdvC15e7xP-N8YFf76FUbPx2uRkw9VJL2i_04g8FT2afc_hcbavgTul2tvtNSI6MaKhoJYjC4qeSErquC44mXipn1DiCEYFbE-ZbvJ7-GzhARLIDqhd-1jeqj_LgpdqQdTwTkCUjVJm-4Co_cxgUifXnFmsstP7aaBJwmA21c7jz8flShU5MmafbyFKqfP2s0CHnBhx62arZFbx_HSBLOAxSsb8tFvw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 33ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H2

200

sync Show response
eb2.3lift.com/ Frame BAE4
Redirect Chain

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1

1 KB
1 KB

8ms
7ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: c3887e88aa38108fa504c32cdb5a8a6d774bfc5b7090490297903e873acb0300

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
content-type: text/html; charset=utf-8
content-length: 495
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Mon, 13 Dec 2021 16:27:45 GMT
content-length: 0
location: /sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40B8 0
20 B 43ms
43ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3685321002812777&bg=!ZWalZiLNAAZKWFskSlg7ACkAdvg8WgIgEcnWkpask2f1PH6p-KWyveWKSSskEZHOJNih78SihOseHQIAAABAUgAAAApoAQeZAtJP0yW3vH7VPQC4du7tmVCniet_fdjA3zH8218buflY00wjI2aOmDsV1LAjjKgu7Xp_zE06IAmjSlvzakGY3h3Wa8TkWPeh7xcQpmdsztSL9zIoMN8W8wwwUTig6oAe4TbVHyTmDM3KnajvNrODx85FpbNgmKffXKhqteQpsUT2crbMCAxKBBoaYUy5W8G8KkEcweE_oEmtfnJMUdX9mOFNEBVLyFvE2xOCIwrY2blGdgRiDfot3BmIv3_oINFIFdVel7tRoF-5c0xnyt2xH8KMspZfVnZSmYY4qbOY7AVcpEyT4e_dkkfa5DD2gdrt8Qmit8_T1cJ6kMU7lqvnvLJ4cjSJ3J3T5lQSWaJm3zFmLie-guEcfgNwn6DVl2izb12eMbX-uGVgIV35eSB67UBtenRQlth5WqiPb4Yw54WeG7lFLAdRz-ktoK6Mh2MQrANc4HDnt3G6zBDid8Yf797E_XxvMr19fY68hhvBIBSnVZU8q6Q6VtMIivhxt4ccTiT3S9QyNtliXvr__Iq1oIzAyY--WvUz0kRsTcNNuE6eHknw4U99XKJClSgkL5yMdZrpLrQ2anQqJN23Cn17WhRiQBY1wqxtOqB63DRL-gAr6VNSnMZjIfoqu6a1DaoL01VBUfjTrmUxWlstA4067VXruuX88xU7xPGLnZ6Y6BmPz0CNzllnIj2Z5VOBXnXj3n3OGdczz8X7x0ljdAiPkVSaMYoIoYuWvzUW4DZt8uSU3AxyWOnZATSHTfu04mmWYBTIKQA3zlu4vRryHCVkaQha0somJ1otpcoUWVTgndayy438w24w3LcDL0vdZn042_YuEVNFH5DwZ5Djgr_XqV4romrgsFGSRSipAx6odbfz_Eu7-gHLrcS2kauCOA57Kq4HodVJSQueXkipL42cuAtVeVNtUa2vNOI7vYCAQnCXbWisFKrGPtODCMM77914YBgzhA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame BAE4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=c264eebb-1f8c-4bc9-ad8b-42f915dd20ab&dongle=0cfd

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=c264eebb-1f8c-4bc9-ad8b-42f915dd20ab&dongle=0cfd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=c264eebb-1f8c-4bc9-ad8b-42f915dd20ab&dongle=0cfd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2

200

xuid
eb2.3lift.com/ Frame BAE4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPQkVS1GvBvbAGu2EPYzh7U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPQkVS1GvBvbAGu2EPYzh7U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPQkVS1GvBvbAGu2EPYzh7U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BAE4
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODEwOTg0Mjk4ODQyMjM2MzA2MA%3D%3D

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODEwOTg0Mjk4ODQyMjM2MzA2MA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODEwOTg0Mjk4ODQyMjM2MzA2MA%3D%3D
date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame BAE4 0
596 B 396ms
139ms Image
text/plain 2620:119:50e8:101::9002:f05
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=8109842988422363060&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e8:101::9002:f05 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-ltx1
content-length: 0
x-li-uuid: 3bJiwlBdwBbQeNj4MysAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame BAE4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/8109842988422363060?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-h9RKFzFE2oQ3Bt4VOUc0xXiTBnQ8DOOXLWUqibdjhw--~A&dongle=0883

37 B
352 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-h9RKFzFE2oQ3Bt4VOUc0xXiTBnQ8DOOXLWUqibdjhw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 13 Dec 2021 16:27:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-h9RKFzFE2oQ3Bt4VOUc0xXiTBnQ8DOOXLWUqibdjhw--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

xuid
eb2.3lift.com/ Frame BAE4
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=8109842988422363060&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=8109842988422363060&gdpr=0&gdpr_consent=
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=2975ef73-d23c-40d9-9ad9-a6906329ec93
https://x.bidswitch.net/sync?dsp_id=340&user_id=e6c310aa-3d9d-49c7-999f-874ac8daef51&expires=10&ssp=triplelift&bsw_param=2975ef73-d23c-40d9-9ad9-a6906329ec93
https://eb2.3lift.com/xuid?mid=2409&xuid=2975ef73-d23c-40d9-9ad9-a6906329ec93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=2975ef73-d23c-40d9-9ad9-a6906329ec93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=2975ef73-d23c-40d9-9ad9-a6906329ec93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 13 Dec 2021 16:27:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame BAE4 42 B
593 B 60ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=8109842988422363060&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 733DFA72F40B40C895F38BC6F1AB1F98 Ref B: FRAEDGE1306 Ref C: 2021-12-13T16:27:45Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame BAE4
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=8109842988422363060
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=8109842988422363060&dcc=t

0
0

118ms
118ms

Image
text/html

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=8109842988422363060&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: HTTP/1.1
Server: 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0JQ1N38K8VVYDM2M3H8N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=8109842988422363060&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame BAE4
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0

37 B
139 B

7ms
7ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame BAE4
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=7119648974622752365&dongle=d407

37 B
352 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=7119648974622752365&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=7119648974622752365&dongle=d407
pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK setuid
ib.adnxs.com/prebid/ Frame BAE4 43 B
2 KB 66ms
65ms Image
image/gif 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=&gdpr_consent=&f=b&uid=8109842988422363060

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7b22f66f-f0b9-4918-ad5e-4cb16f37cbf3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F2B9 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 16:27:45 GMT
expires: Tue, 13 Dec 2022 16:27:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0B4E 624 B
299 B 42ms
26ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COLKyrsCEM2AjLwCGPW4vLcBMAE&v=APEucNWpOsWFwr1LYhniCckLQQaSnV27aJJ_BCfkSMI8sn6goQRVrGCLrskXRB0e2DxRYTJeWZ-xDBO0g_kHU6RelIRCRD32gINm37mkqAPVgml6TL8qKtgcp4bkeq4t54HKQA6YYACWGNld_eLPQn0NwgAZcSi0bkHktNKNey_wqdhRyuRe4Gw

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 16:27:45 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 16:27:45 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F2B9 12 KB
9 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ar7HF61-SvIaLdPBAy6bOdHY4uU7yhYE65q5OWt7EeiRjzQxEK0Ul_piUgmdnARx91ZUOpVmOCS5ydlK5VivFKR74u2GeGC9fDU3PKHDLuZZqcJPOAvRAwkdcIOq3VE6dSMD2RAtJJmqH4dZ8jkLBc4Fmotw&dbm_d=AKAmf-Ajcf68ArHR2xpm21KdJP01Cfck2JjTF4W3AX_ODdltrqwtsxMSRqdtccpM_aMiqXCyHuGPtA0HZcb45E2E1U2JOjwp2G1EVb4PhxHeG_BuyS28i8AMgFn2_2BNAVURKAur_adrS6nhfyFkU_m67feREHEtEfs0rSnWebfiyHRkhczpqmjlqMCueopgML9Hlfu55oM-hcInG8kPKf0lvajlw6d5XVBRuy9OV548UpWaKB0D7oUL7CAqmX7Uo4iT_-4SnWkOYnJpKeIb7ZTKZW7GvYzPtLiWMzi6cmh1asfCerNosW6cjGet-n5SUINIjaAub2BlqlYBpGC5M7Q0DiNPKgB1j_zBdQ3Dr8WWaD2JU9iqPAZ0cDinha4MTaLk-FfO_Z4BYZidQM9RYR0Iq1qKAZGx8FqEZnvRlpYgYB3qATLxnh21Qg_tAg-3LWBP2s1dvl8I_UCjg7KADVwVnqc1-jVPUd8Z65pbxxlrxZkdQJ90bHAEPuu5n1JmcHVN33iMVQJRYgnQTB1VaIJPnCibC_ghNx4c_yToxH1XYuT7rg1MHKjAwT2ctIDHJ8vhEyY21GoQva9qm9PGaAL4rXfMU9YbjAyC7ipzJ6W8Goyst6AdcKkAuAddkSwUKgAyd5LRiiohNNlqmL01lw-KEL5yE-ldnJkQ4Ui6mcCngCHTzrqO5yMrnOa3cTU-6OzBw-fcBlwzFm6Hfuy1Gx4aJE5BGWu7Xwoyd_X-MtHusMlhvDCeFi4Jcdg8EW4JUd04zMCk8BKIZ9hlgs6Uc5jp3e0reyrcRLbfQIyC7IdsmYPusuDDc0SxxBaAViXffU23SYCWuUr_vd_oZvUS3ve6eaIinmVp-LlPWa8xWex25o9O9pKuXWl8ipnq_wYBWmTocE0q9PTLXuyCpJkQUmJR5yQ7VdHFahbBCSzaUMSTjI96cnHp0YZCV24XxUPmYD1X7UgmkOKf66yVabb3BAfys8PYWHJdgdwaBZ_3eZMVxA2p2Byp5Z7q21eSvSlKyUKXVJDbK49la1c53iYL7Nj9QuMEH4lk43tprqXK5XohZM2Rv93v_RnlY0iS2hNl1xQ7qR4P1FOXbRdrdrCIpPNClFU-m22oWkLDI5-HknP3YQNAQ55RX1lbRJc8G6nRIdJdxNeI4fKLY_KDS0r3w0Y52Uc9w8duKvvky1WImAg0_UfpqlT_TVPgknh6BioYrCLTlKJomg7KpBmESCWToebQcN4vuKpvxRe9M84xJaZ8tcqtDyW70RK2G2R9X9RyN3bP8ngfVwrNgyl3_r3CssujGMi_Ss5SJvzfkxDVF21bKDEDnAhut87-yUjictVE5gJIznNxZLiUsRP8P7yrMiNh40n6sfv9XirfF5XNPeyFoC0hbjZszs9emIxnXKzE36nqhCNxZR1MccPLUMOH5EPhjoaOPVnc8rksF308caa587EUhIhIhwbIXAqOcis3aF-SEfwdK3sIytoh8oCyA7Us6vffoRMLYPLKSZtdyPyTOzB7iBKm1ix8HtbXMU1AGTnennPage7R1jeZ86dm4odcqNQFMopqudFBkA0HcWzsvJxH6lGw4GYuKEJZTOqkL8jgvfn4H68Nsj9GVSnDbY6CdWw3ypKmGs3jO0HLquwUt9jiaXbj7Sc30u5bwzwcsPqKSnbgrASr-Fp6C_jPOgvz3MHTRLVuLwaGQAFa3UyUCUGKiRLowgbwCF_E4x--mpWpqu1rw0s8DZLE5fyrPD3SjEv7XYKLi8VcIfcK__LaflKYhAPOxlkfxskI5-Er1sZQ_jJxc5NHoX6k55TwukKeCFHZc8yDTwDl7V_p0eMEAF0kFv0kpRmgPB0xkNRclccQa4UfLkKp16iW67fN2Eo9Qe9wxFhsXFoGv69NEuYxHuOJUe1h-QNMdBlPJXs4D2LUiz6VzvJDKz99JRNsSBo8MuEpZOFncylpjXq7R4Jae8a25AYqEHZrlKo2Xau3GC9WPU40fbxbh7XnEpwZ5FTpF0gDBelADD2pjj_srs8KtcmPU7Tn8d5ZCMiFJQZIFkLg5e3z2tf49Ll5thhdjxZd75A-D0JPHL2QpYTReyddU5J7C45t6V1T5fqcvDBGkPjZ8dUjyZxOTe_V1HpeNJzpIDDoh5qul69tfQ7-FvZ5J8jQldniDhAWreMKyL5DE5-WtUI3m9DSt1ckiFL98wdyKJepq_8DRJOUCjJkmn8xVK4vLtx0eUXIOVzFoMuvm8AsogwwHOP8U1XL-UF3mbh5IiMITj9e7zlpGfGvM9ABuRA_MYjhhZB2P2zJpdfnWkRp4Z6saJGCp5eszsWwf5MuXqddihq-j7eXIAOIDfOHFnVaYjyXtaOz3dx5_NVX7_hV8KtbZHOm3FbUmD-Yw_SNLJwArhzbKy572RecnE7CG-lV-3JgupRXiEYp7Py1T32iPwhg_21NHvC8sJIc8vkZk9nYLXi-KeiUcIxAoQvzo4W4DBuk010t20-NdaKMZ8abOH40vQ4eUxboDjJRGE404Mekc2w03aGW4Fa7KEaaBM6qSOHTcDaVm-IWpCMdPK5sj6kIeL-MmrC4rzly0AitfyBVu7W0T-yGwqfJyk8ZKzA7GQ7iCiHScGlJJbcyfUOm__EgVA_VbLomiHrtdlSvoe7IoaS310l6UqFPRLoIH6kUbHr8tF69IMKA_CnJwPdXPaaO13iw9AZBfkBxD7dLTrkRFQsQ7twyvw5eL0tuWFj4EDkau3PA026RZvocOF4E7YTPdu_IcHcSbrq2BDwNv8AWUkv2w0fc0MTW38M84jLjIjV8jK4oOs3dx-vRFr37BzfaewFpey5kpgDGJcDOWY8C6EcClecDvgsUpMAHDCwvM6WOfI_0piuWgv9FFPpuNZsk9hmjIEY2zJsPibblCFVBHuO4MmMUjRSlL8Vp1uRpk9vOqmB3XS_YlSMdFvd1lGUiYgO7DrIk5VVXtjZZ_ZGX3oWMFuk8RqNJvcRwC1uhzichdWdevI_e-2J_bslEpEpMSNNFmQnG5lM6TOQ6SFsd2ous5g&cid=CAASEuRojc1GhJEH_fxxcfCM8ni8LQ&rfl=2%2Chttps%253A%252F%252Fwww.cadaminuto.com.br%242%2Chttps%253A%252F%252Fwww.cadaminuto.com.br%252F%240

Requested by

Host: t.co
URL: https://t.co/UZbg9fqRz6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22efd5c5c7c805793cfdd261f9bb688a84a3dc996a343c8ff3b7a2c86a2f2a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8863
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2B9 42 B
63 B 40ms
40ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUVDRv5Yfy7LvBIuZBli3x2wSq2UcvalEmo7YYGFODxl57yhvm-76BnnLbDGUfqtMMhuGPRKkEIDFqC5MGL1mYHueNiuRw5M6PSKM9UPVorlcAIUg

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame F2B9 2 KB
1 KB 22ms
21ms Script
application/javascript 2a02:26f0:60:88b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=10849334&cmp=26506175&plc=316667327&sid=2787705&dvregion=0&unit=320x50
Requested by: Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:60:88b::4469 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 16:27:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:31 GMT
Server: Microsoft-IIS/10.0
ETag: "8f6388f116ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F2B9 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:24:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2B9 119 KB
36 KB 33ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 16:27:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F2B9 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:20:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F2B9 0
0 15ms
14ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnHbG3khnhvVi4_1TfI5kWI_YOf8wYZJYq8wu7RJ_OT-AVZ_7eL1MgAdOoGEzQLAZybOtezkmjo-XW1K__XgEqtybmRg
Requested by: Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0B4E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1

43 B
1014 B

41ms
40ms

Image
image/gif

104.85.0.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLKyrsCEM2AjLwCGPW4vLcBMAE&v=APEucNWpOsWFwr1LYhniCckLQQaSnV27aJJ_BCfkSMI8sn6goQRVrGCLrskXRB0e2DxRYTJeWZ-xDBO0g_kHU6RelIRCRD32gINm37mkqAPVgml6TL8qKtgcp4bkeq4t54HKQA6YYACWGNld_eLPQn0NwgAZcSi0bkHktNKNey_wqdhRyuRe4Gw
Protocol: HTTP/1.1
Server: 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 16:27:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0B4E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ybd0f-5Yk-gC4uLltysiJgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1

43 B
894 B

26ms
26ms

Image
image/gif

104.85.0.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLKyrsCEM2AjLwCGPW4vLcBMAE&v=APEucNWpOsWFwr1LYhniCckLQQaSnV27aJJ_BCfkSMI8sn6goQRVrGCLrskXRB0e2DxRYTJeWZ-xDBO0g_kHU6RelIRCRD32gINm37mkqAPVgml6TL8qKtgcp4bkeq4t54HKQA6YYACWGNld_eLPQn0NwgAZcSi0bkHktNKNey_wqdhRyuRe4Gw
Protocol: HTTP/1.1
Server: 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 16:27:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7p6x7GD_cSBfzNhnIe6cY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0B4E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH7HpflcBEIXrBIaOtkKT8A&google_cver=1

43 B
1 KB

13ms
13ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH7HpflcBEIXrBIaOtkKT8A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLKyrsCEM2AjLwCGPW4vLcBMAE&v=APEucNWpOsWFwr1LYhniCckLQQaSnV27aJJ_BCfkSMI8sn6goQRVrGCLrskXRB0e2DxRYTJeWZ-xDBO0g_kHU6RelIRCRD32gINm37mkqAPVgml6TL8qKtgcp4bkeq4t54HKQA6YYACWGNld_eLPQn0NwgAZcSi0bkHktNKNey_wqdhRyuRe4Gw

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 811ec69d-3430-42b7-a87b-8d62c52be8bd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH7HpflcBEIXrBIaOtkKT8A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B4E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NTQzOTYwNTcwNjQ1ODUxNA%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NTQzOTYwNTcwNjQ1ODUxNA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5eaf70d5-5fac-434c-87f3-0cba01029772
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NTQzOTYwNTcwNjQ1ODUxNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F2B9 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ar7HF61-SvIaLdPBAy6bOdHY4uU7yhYE65q5OWt7EeiRjzQxEK0Ul_piUgmdnARx91ZUOpVmOCS5ydlK5VivFKR74u2GeGC9fDU3PKHDLuZZqcJPOAvRAwkdcIOq3VE6dSMD2RAtJJmqH4dZ8jkLBc4Fmotw&dbm_d=AKAmf-Ajcf68ArHR2xpm21KdJP01Cfck2JjTF4W3AX_ODdltrqwtsxMSRqdtccpM_aMiqXCyHuGPtA0HZcb45E2E1U2JOjwp2G1EVb4PhxHeG_BuyS28i8AMgFn2_2BNAVURKAur_adrS6nhfyFkU_m67feREHEtEfs0rSnWebfiyHRkhczpqmjlqMCueopgML9Hlfu55oM-hcInG8kPKf0lvajlw6d5XVBRuy9OV548UpWaKB0D7oUL7CAqmX7Uo4iT_-4SnWkOYnJpKeIb7ZTKZW7GvYzPtLiWMzi6cmh1asfCerNosW6cjGet-n5SUINIjaAub2BlqlYBpGC5M7Q0DiNPKgB1j_zBdQ3Dr8WWaD2JU9iqPAZ0cDinha4MTaLk-FfO_Z4BYZidQM9RYR0Iq1qKAZGx8FqEZnvRlpYgYB3qATLxnh21Qg_tAg-3LWBP2s1dvl8I_UCjg7KADVwVnqc1-jVPUd8Z65pbxxlrxZkdQJ90bHAEPuu5n1JmcHVN33iMVQJRYgnQTB1VaIJPnCibC_ghNx4c_yToxH1XYuT7rg1MHKjAwT2ctIDHJ8vhEyY21GoQva9qm9PGaAL4rXfMU9YbjAyC7ipzJ6W8Goyst6AdcKkAuAddkSwUKgAyd5LRiiohNNlqmL01lw-KEL5yE-ldnJkQ4Ui6mcCngCHTzrqO5yMrnOa3cTU-6OzBw-fcBlwzFm6Hfuy1Gx4aJE5BGWu7Xwoyd_X-MtHusMlhvDCeFi4Jcdg8EW4JUd04zMCk8BKIZ9hlgs6Uc5jp3e0reyrcRLbfQIyC7IdsmYPusuDDc0SxxBaAViXffU23SYCWuUr_vd_oZvUS3ve6eaIinmVp-LlPWa8xWex25o9O9pKuXWl8ipnq_wYBWmTocE0q9PTLXuyCpJkQUmJR5yQ7VdHFahbBCSzaUMSTjI96cnHp0YZCV24XxUPmYD1X7UgmkOKf66yVabb3BAfys8PYWHJdgdwaBZ_3eZMVxA2p2Byp5Z7q21eSvSlKyUKXVJDbK49la1c53iYL7Nj9QuMEH4lk43tprqXK5XohZM2Rv93v_RnlY0iS2hNl1xQ7qR4P1FOXbRdrdrCIpPNClFU-m22oWkLDI5-HknP3YQNAQ55RX1lbRJc8G6nRIdJdxNeI4fKLY_KDS0r3w0Y52Uc9w8duKvvky1WImAg0_UfpqlT_TVPgknh6BioYrCLTlKJomg7KpBmESCWToebQcN4vuKpvxRe9M84xJaZ8tcqtDyW70RK2G2R9X9RyN3bP8ngfVwrNgyl3_r3CssujGMi_Ss5SJvzfkxDVF21bKDEDnAhut87-yUjictVE5gJIznNxZLiUsRP8P7yrMiNh40n6sfv9XirfF5XNPeyFoC0hbjZszs9emIxnXKzE36nqhCNxZR1MccPLUMOH5EPhjoaOPVnc8rksF308caa587EUhIhIhwbIXAqOcis3aF-SEfwdK3sIytoh8oCyA7Us6vffoRMLYPLKSZtdyPyTOzB7iBKm1ix8HtbXMU1AGTnennPage7R1jeZ86dm4odcqNQFMopqudFBkA0HcWzsvJxH6lGw4GYuKEJZTOqkL8jgvfn4H68Nsj9GVSnDbY6CdWw3ypKmGs3jO0HLquwUt9jiaXbj7Sc30u5bwzwcsPqKSnbgrASr-Fp6C_jPOgvz3MHTRLVuLwaGQAFa3UyUCUGKiRLowgbwCF_E4x--mpWpqu1rw0s8DZLE5fyrPD3SjEv7XYKLi8VcIfcK__LaflKYhAPOxlkfxskI5-Er1sZQ_jJxc5NHoX6k55TwukKeCFHZc8yDTwDl7V_p0eMEAF0kFv0kpRmgPB0xkNRclccQa4UfLkKp16iW67fN2Eo9Qe9wxFhsXFoGv69NEuYxHuOJUe1h-QNMdBlPJXs4D2LUiz6VzvJDKz99JRNsSBo8MuEpZOFncylpjXq7R4Jae8a25AYqEHZrlKo2Xau3GC9WPU40fbxbh7XnEpwZ5FTpF0gDBelADD2pjj_srs8KtcmPU7Tn8d5ZCMiFJQZIFkLg5e3z2tf49Ll5thhdjxZd75A-D0JPHL2QpYTReyddU5J7C45t6V1T5fqcvDBGkPjZ8dUjyZxOTe_V1HpeNJzpIDDoh5qul69tfQ7-FvZ5J8jQldniDhAWreMKyL5DE5-WtUI3m9DSt1ckiFL98wdyKJepq_8DRJOUCjJkmn8xVK4vLtx0eUXIOVzFoMuvm8AsogwwHOP8U1XL-UF3mbh5IiMITj9e7zlpGfGvM9ABuRA_MYjhhZB2P2zJpdfnWkRp4Z6saJGCp5eszsWwf5MuXqddihq-j7eXIAOIDfOHFnVaYjyXtaOz3dx5_NVX7_hV8KtbZHOm3FbUmD-Yw_SNLJwArhzbKy572RecnE7CG-lV-3JgupRXiEYp7Py1T32iPwhg_21NHvC8sJIc8vkZk9nYLXi-KeiUcIxAoQvzo4W4DBuk010t20-NdaKMZ8abOH40vQ4eUxboDjJRGE404Mekc2w03aGW4Fa7KEaaBM6qSOHTcDaVm-IWpCMdPK5sj6kIeL-MmrC4rzly0AitfyBVu7W0T-yGwqfJyk8ZKzA7GQ7iCiHScGlJJbcyfUOm__EgVA_VbLomiHrtdlSvoe7IoaS310l6UqFPRLoIH6kUbHr8tF69IMKA_CnJwPdXPaaO13iw9AZBfkBxD7dLTrkRFQsQ7twyvw5eL0tuWFj4EDkau3PA026RZvocOF4E7YTPdu_IcHcSbrq2BDwNv8AWUkv2w0fc0MTW38M84jLjIjV8jK4oOs3dx-vRFr37BzfaewFpey5kpgDGJcDOWY8C6EcClecDvgsUpMAHDCwvM6WOfI_0piuWgv9FFPpuNZsk9hmjIEY2zJsPibblCFVBHuO4MmMUjRSlL8Vp1uRpk9vOqmB3XS_YlSMdFvd1lGUiYgO7DrIk5VVXtjZZ_ZGX3oWMFuk8RqNJvcRwC1uhzichdWdevI_e-2J_bslEpEpMSNNFmQnG5lM6TOQ6SFsd2ous5g&cid=CAASEuRojc1GhJEH_fxxcfCM8ni8LQ&rfl=2%2Chttps%253A%252F%252Fwww.cadaminuto.com.br%242%2Chttps%253A%252F%252Fwww.cadaminuto.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 23:38:18 GMT

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame F2B9 55 KB
18 KB 21ms
20ms Script
application/javascript 2a02:26f0:60:88b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=10849334&cmp=26506175&plc=316667327&sid=2787705&dvregion=0&unit=320x50
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:60:88b::4469 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 16:27:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:46 GMT
Server: Microsoft-IIS/10.0
ETag: "08517fa16ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0B29 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 12 Dec 2021 23:38:39 GMT
expires: Mon, 12 Dec 2022 23:38:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 60546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B29 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 16:26:00 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame F2B9 2 KB
1 KB 90ms
90ms Script
text/javascript 204.154.111.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_193183880339&jsTagObjCallback=__tagObject_callback_193183880339&num=6&ctx=10849334&cmp=26506175&plc=316667327&sid=2787705&advid=&adsrv=&unit=320x50&isdvvid=&uid=193183880339&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=96&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&htmlmsging=1&aUrlD=1&m1=13&noc=4&fcifrms=15&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTar9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTar9EEADTbpTauTau3ff3e7d6b2d3d2%60fafh72f%60aa5fd_d_b%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTau&dvp_exetime=2.80&callbackName=__verify_callback_193183880339
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb07.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cc1407cd98f7348965efd8ab9190e1dd01af73faaa0574dcb9936df5400d2d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Date: Mon, 13 Dec 2021 16:27:45 GMT
Expires: 12/12/2021 4:27:45 PM

POST
H/1.1 200
OK bsevent.gif
tps628.doubleverify.com/ Frame C632 807 B
1 KB 88ms
88ms Ping
image/gif 204.154.111.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps628.doubleverify.com/bsevent.gif?impid=8cf0fdc87dfe46599105e10732ddffda&pltfrm=Linux%20x86_64&cbust=1639412865716243
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb07.doubleverify.com
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 12/12/2021 4:27:45 PM

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cadaminuto.com.br%2F&domain=www.cadaminuto.com.br&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=S0lGKnxBV3VueHdrV3VKUGVrdjlrbFI0K3BvSVVjRDd4ZmdjZVBjNTduc1NsbEVLZXRXVkliSm9FRUhkRm14NTV2cVlXaWpyaUFXZE9tSnBaZVdRYVozUnJ2OUJHT21YUEpFQ25xNUcvTEI5a0FLYVRQdGhnVGZCbmN1Tn...

438 B
680 B

18ms
18ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=S0lGKnxBV3VueHdrV3VKUGVrdjlrbFI0K3BvSVVjRDd4ZmdjZVBjNTduc1NsbEVLZXRXVkliSm9FRUhkRm14NTV2cVlXaWpyaUFXZE9tSnBaZVdRYVozUnJ2OUJHT21YUEpFQ25xNUcvTEI5a0FLYVRQdGhnVGZCbmN1TnJOL0M2ZXVKUHhUc1RVYWxaRk1MdVZpdE1MVjYyVWU5YXpwNFhUM2JFZDQrRCtMUHAyblExdWtsTzVnRnFQa3NRc09aZG8wVXRxVWg2ckhqaW0weUp3U0VpUy9GdHl5dnVUbEkyYURtbUx3ckszRlRvbnAwM0ErQitHMHVpWGs2UmZvaEcwUWdFRWp1blBUZzV1dHFIRVZvS2pFVmhVMkRUdEpKcjRBV2N1dTJXUEFVTmRJRT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3d1f9b2d47093179cd4562887361dcaed6da7cc91075743ed6e768d9e91fc344

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3938
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
location: https://mug.criteo.com/sid?cpp=S0lGKnxBV3VueHdrV3VKUGVrdjlrbFI0K3BvSVVjRDd4ZmdjZVBjNTduc1NsbEVLZXRXVkliSm9FRUhkRm14NTV2cVlXaWpyaUFXZE9tSnBaZVdRYVozUnJ2OUJHT21YUEpFQ25xNUcvTEI5a0FLYVRQdGhnVGZCbmN1TnJOL0M2ZXVKUHhUc1RVYWxaRk1MdVZpdE1MVjYyVWU5YXpwNFhUM2JFZDQrRCtMUHAyblExdWtsTzVnRnFQa3NRc09aZG8wVXRxVWg2ckhqaW0weUp3U0VpUy9GdHl5dnVUbEkyYURtbUx3ckszRlRvbnAwM0ErQitHMHVpWGs2UmZvaEcwUWdFRWp1blBUZzV1dHFIRVZvS2pFVmhVMkRUdEpKcjRBV2N1dTJXUEFVTmRJRT18&cppv=2
strict-transport-security: max-age=86400; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.cadaminuto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2227
content-length: 567
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 59ms
20ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cadaminuto.com.br%2F&domain=www.cadaminuto.com.br&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.cadaminuto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.cadaminuto.com.br
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1679
date: Mon, 13 Dec 2021 16:27:44 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C43A 2 KB
814 B 8ms
7ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1639412862650

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 00CC 281 B
554 B 26ms
7ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Dec 2021 16:27:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5DC9 52 KB
17 KB 36ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 08 Dec 2021 02:31:34 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 13 Dec 2021 16:27:45 GMT
Age: 50161
X-Served-By: cache-lga21969-LGA, cache-hhn4071-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 863735
X-Timer: S1639412866.791766,VS0,VE0
Vary: Accept-Encoding

POST
H/1.1 200
OK bsevent.gif
tps618.doubleverify.com/ Frame F2B9 807 B
1 KB 285ms
86ms Ping
image/gif 204.154.111.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps618.doubleverify.com/bsevent.gif?impid=7d2f1e3ea01d4c38a2e884e7ce6325d6&vfdur=91&cbust=1639412865767441
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb07.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 12/12/2021 4:27:45 PM

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame F2B9 9 KB
4 KB 7ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 17:17:15 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame F2B9 41 KB
17 KB 7ms
6ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 15:45:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B29 0
20 B 42ms
41ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUB7xgXS3YdbXJfeg7_UP8a-MsAwAAAAAOAHgBAI&bg=!8fKl8rbNAAZKWFskSlg7ACkAdvg8WlIyfNPt84HlHQm1URYyZRCkrzmHZWjQAz3hyqz5t2BIgEdnIgIAAABBUgAAAA9oAQeZAxSwg-AHtvP7sDcsxIDYIQWm0mz-lBMaoGIgXvLTmDUuFTqKR82g3WwIGOYo10qSSRyVt4W-huab6B2v4vm1v4JoB8pRIpzPfoF06sxKa2hZvRBhnBaz541lpDqALJBhHs_KCSHA9k4N38t0CLRK5_2tOFoZ_wnmnnfbF9KRymlhbJxmq1ghSa7FlAUOOQ7-milD3I_4jAJ89dUEZhsh49KDefw4Hmwk7PIukiAqydBJNygy7qbW-eBPcn7bx9yzII7SFFqphpA7aRsUQRThRfRO6bSS9wtXvg0V99zQGPsKp6gLTK-Wrrw2uUZJji3PP1tjItuF-6qShXg7lUL4nimK6NVnjK80rZ5gR30gu0IGbGB83GxI0cfpa32_FJNA5_Xx9a5xNJT6IPCRk4TXqcBigVRQXwKBoERvzdgrxWtkPUZzIpYX_OFcZR4knwNk3pBTPKSYeAwV0KMQYs9TbrLdenS3JkRT0ie8rQZY16BaWJh5IuyRt0MJViRsof1IuXaBZggNXtlY9QeAwj4CBJODfeLK_2NfHUXNevc8IX6VPw0V5cYG1rsn0jYIKy5fGNfV-flmYJmiiQtPMQmRwHiOP2OW8U2arr12aV-bWRtoWAeAumMFxUYvqxKKb2K4ufkNedpcTAqFdkO-9Bja5GnCm55SDTy1YRHxtRV2zloLgc595Hk3GUi3LwH5_ZH5fgKj9Q0szsWsAb5OdRgKXcqIbqwR2rRmUNOHSUEtp1NY_Q2JCm2gdrgLq_GACJktNKBXAoNTvPBmJ6iwiVGs7fcoiKNYv_HjqlILIR3QJY6jtk0a4Lugu0Rv7p95QPJjsJf3wPxLxV_fRoBGpfuOdrcaUnJzx2Ywkl73fACHy4L23nlCeXJw0MhkKKJ3O2zbtTihkzMu_k5ZUAI6nY9mlvoVPFcpqG64BMPCwZa5McoASqbsr1JV70yRXBECO7ldiJQEXpWbF7WVFMqtJz2ADEkWeHMSReQ0LETueEZm_tUZcrpvJnqXFxNRYjAZKaruhxHRNBNt-LsTVyNlmBnXWRBWog7TJg

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 B9689862.280621528;dc_ver=81.236;sz=320x50;u_sd=1;dc_adk=1832254322;ord=d8wx87;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fwww.cadam... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame F2B9 44 KB
21 KB 65ms
50ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280621528;dc_ver=81.236;sz=320x50;u_sd=1;dc_adk=1832254322;ord=d8wx87;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fwww.cadaminuto.com.br$2,https%3A%2F%2Fwww.cadaminuto.com.br%2F$0;xdt=1;crlt=WVUdn.apwI;sttr=19;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

7595f182d3f1718cda3774ad56670e50f6baf5eb9320e3bbaf71a0019125e485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21712
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 00CC 32 KB
10 KB 8ms
7ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 54465fe0b05e2deb901b5531e8ef17d4e0dd7aaafd7cddee7b7f47ee594f1e9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 16:27:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61588
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9507
Expires: Tue, 14 Dec 2021 09:34:13 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5DC9 0
729 B 31ms
30ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:45 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 643fd00e-2bea-4d39-9929-6e16b74e575c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 39ms
13ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1060
date: Mon, 13 Dec 2021 16:27:44 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame F2B9 8 KB
3 KB 7ms
7ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280621528;dc_ver=81.236;sz=320x50;u_sd=1;dc_adk=1832254322;ord=d8wx87;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fwww.cadaminuto.com.br$2,https%3A%2F%2Fwww.cadaminuto.com.br%2F$0;xdt=1;crlt=WVUdn.apwI;sttr=19;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:19:04 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F2B9 0
23 B 58ms
43ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueLa2uCoOklM-GQ8LynJagwK4Sppg6yr7Lcqn790FM87-fyUc_WwPdWJ0T_aEhIaPJxGZHsUmPQ5P03PVeyCL5w_BZSQsXoc0wagN1eqkj6HR2J9KX-4b9JcLbnWPpYJOWjRgtYtqo16JVnpVeC_Pk41GJaNcz&sig=Cg0ArKJSzLKoM3PDm9-0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211207.02582&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame F2B9 8 KB
4 KB 21ms
21ms Script
application/javascript 2a02:26f0:60:88b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280621528&num=&adid=&advid=2276943&adsrv=1&btreg=505086692&btadsrv=doubleclick&crt=156986859&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280621528;dc_ver=81.236;sz=320x50;u_sd=1;dc_adk=1832254322;ord=d8wx87;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fwww.cadaminuto.com.br$2,https%3A%2F%2Fwww.cadaminuto.com.br%2F$0;xdt=1;crlt=WVUdn.apwI;sttr=19;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:60:88b::4469 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1e3126f4b1713295ca3a4510ea8a6be422cfe78cc9603dc8351818edcc6a1254

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 16:27:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Dec 2021 14:09:11 GMT
Server: Microsoft-IIS/10.0
ETag: "801dd2174ebd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H3 200 8355182992233989945
s0.2mdn.net/simgad/ Frame F2B9 17 KB
17 KB 23ms
8ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8355182992233989945

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c46f3db0c3a352c7797dc4e327b8a4270f60923d01ee6fc1871316eaff82182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:01:55 GMT
x-content-type-options: nosniff
age: 548750
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17822
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:09:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 08:01:55 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2E6E 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 12 Dec 2021 23:38:39 GMT
expires: Mon, 12 Dec 2022 23:38:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 60546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EDDF 1 KB
752 B 7ms
7ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Dec 2021 13:26:12 GMT
expires: Tue, 14 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 10893
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F2B9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c873908807df171dac681a7c9795f82745498b824a7525d79aaccd0b30fcfd3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F2B9 0
23 B 46ms
46ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 16:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 00CC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Vnh_4d6nZ0rEkXuBCRLIcMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7989154304957820749

0
239 B

8ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7989154304957820749
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

date: Mon, 13 Dec 2021 16:27:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7989154304957820749
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 00CC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0VzM4TzgtMVItMzdaMQ==

170 B
188 B

20ms
20ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0VzM4TzgtMVItMzdaMQ==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0VzM4TzgtMVItMzdaMQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 00CC
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWM2NmQyNzEzNmZmOWIzZTQyMTJlMzIxYWY2MWZjZjBlZTMwZTg2Mw

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWM2NmQyNzEzNmZmOWIzZTQyMTJlMzIxYWY2MWZjZjBlZTMwZTg2Mw

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWM2NmQyNzEzNmZmOWIzZTQyMTJlMzIxYWY2MWZjZjBlZTMwZTg2Mw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 00CC 0
0 33ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 00CC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Ybd0ggALojlrTQAz
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ybd0ggALojlrTQAz&_test=Ybd0ggALojlrTQAz

0
239 B

9ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ybd0ggALojlrTQAz&_test=Ybd0ggALojlrTQAz
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639412866.148301,VS0,VE0
x-served-by: cache-cdg20762-CDG
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ybd0ggALojlrTQAz&_test=Ybd0ggALojlrTQAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 00CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBv2fHx_FuW7-ep2VkDseTo&google_cver=1

0
239 B

24ms
12ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBv2fHx_FuW7-ep2VkDseTo&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBv2fHx_FuW7-ep2VkDseTo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 00CC 70 B
264 B 31ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 00CC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8ae361b7-7481-4a00-9fd8-b96af512b7c9

0
239 B

8ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8ae361b7-7481-4a00-9fd8-b96af512b7c9
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

Date: Mon, 13 Dec 2021 16:27:45 GMT
Server: MT3 4133 baa842e master zrh-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8ae361b7-7481-4a00-9fd8-b96af512b7c9
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 13 Dec 2021 16:27:44 GMT

GET
H/1.1 200
OK dv-measurements1940.js Show response
cdn.doubleverify.com/ Frame FDCE 490 KB
89 KB 21ms
21ms Script
application/javascript 2a02:26f0:60:88b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1940.js
Requested by: Host: t.co
URL: https://t.co/UZbg9fqRz6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:60:88b::4469 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a017571443bb27ca29ee2d9221639df656b0b5f3b0f370fc68aac31fa98ef30c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 16:27:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Dec 2021 09:41:32 GMT
Server: Microsoft-IIS/10.0
ETag: "02ee99d4eebd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91098

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ 0
75 B 368ms
115ms Image
text/plain 199.187.193.182
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.182 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:46 GMT
content-length: 0

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame EDDF 0
0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame EDDF 70 B
264 B 33ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEL5lZB0FrC_yCYs3mEAvNW4&google_cver=1&google_push=AYg5qPIbcarSDjki5t4XnCl4M1brwYLPeJuzuEJWPdL9HMoUaILH58z0Z2C-3nR6vYFH95i9IFWGDspeTt9mKnIawYNn8o-gcv86Yg
Requested by: Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame EDDF 0
191 B 74ms
23ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECs5lVJsxVEheqVnSmn3vsk&google_cver=1&google_push=AYg5qPKH5eqSvSECCw68Shp3gcHzpAKaCF3Ro_lIzXHRZs8xNBAqe-nAe3OcxVJLGvbV0TKS0iEufC11lx1fpmBcKHsB53E05dF8Mg
Requested by: Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDDF
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEHPLxuHrsMrrPxe681KI6a4&google_cver=1&google_push=AYg5qPK3Z6QatrjZt3wTK3AKsU-Dq6c0lJamfwZaWJqx0mGSKox6iIrEmDbAu...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEHPLxuHrsMrrPxe681KI6a4&google_cver=1&google_push=AYg5qPK3Z6QatrjZt3wTK3AKsU-Dq6c0lJamfwZaWJqx0mGSKox6iIrEmDbAu...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=D7DSv9w5_tnCWzg-RAUXxg&google_push=AYg5qPK3Z6QatrjZt3wTK3AKsU-Dq6c0lJamfwZaWJqx0mGSKox6iIrEmDbAu_Mm9mdNtiBsgxbG3WNdN...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=D7DSv9w5_tnCWzg-RAUXxg&google_push=AYg5qPK3Z6QatrjZt3wTK3AKsU-Dq6c0lJamfwZaWJqx0mGSKox6iIrEmDbAu_Mm9mdNtiBsgxbG3WNdNZpflKTCsBxdx-3VQ-vdpA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 13 Dec 2021 16:27:46 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=D7DSv9w5_tnCWzg-RAUXxg&google_push=AYg5qPK3Z6QatrjZt3wTK3AKsU-Dq6c0lJamfwZaWJqx0mGSKox6iIrEmDbAu_Mm9mdNtiBsgxbG3WNdNZpflKTCsBxdx-3VQ-vdpA
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 240

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDDF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDb6Asvx_KJwx-d3mypRvKQ&google_cver=1&google_push=AYg5qPKpS8bfO37PMSoNILWRguFEpAqRd24EUxCDrdlIkEeFhobRnwU6QbtmjKPBKhbRkqBBPVl...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0VzM4TzgtMVItMzdaMQ==&google_push=AYg5qPKpS8bfO37PMSoNILWRguFEpAqRd24EUxCDrdlIkEeFhobRnwU6QbtmjKPBKhbRkqBBPVlLmq9Yt5x33ALMZCSeZ7pDt5rFsA

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0VzM4TzgtMVItMzdaMQ==&google_push=AYg5qPKpS8bfO37PMSoNILWRguFEpAqRd24EUxCDrdlIkEeFhobRnwU6QbtmjKPBKhbRkqBBPVlLmq9Yt5x33ALMZCSeZ7pDt5rFsA

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0VzM4TzgtMVItMzdaMQ==&google_push=AYg5qPKpS8bfO37PMSoNILWRguFEpAqRd24EUxCDrdlIkEeFhobRnwU6QbtmjKPBKhbRkqBBPVlLmq9Yt5x33ALMZCSeZ7pDt5rFsA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDDF
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECfGMezmlcbkh6xV2WkGg7k&google_cver=1&google_push=AYg5qPJgRUR41FUWXLYw2I8ySh4jjW4kSqkpgIx3er_GgxOMoD68cYK-sZffm_D3spfEY490RWgJ40rUoZF6BEzjS26KIE7-ru...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODEwOTg0Mjk4ODQyMjM2MzA2MA%3D%3D&google_push=AYg5qPJgRUR41FUWXLYw2I8ySh4jjW4kSqkpgIx3er_GgxOMoD68cYK-sZff...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODEwOTg0Mjk4ODQyMjM2MzA2MA%3D%3D&google_push=AYg5qPJgRUR41FUWXLYw2I8ySh4jjW4kSqkpgIx3er_GgxOMoD68cYK-sZffm_D3spfEY490RWgJ40rUoZF6BEzjS26KIE7-rueH8g

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODEwOTg0Mjk4ODQyMjM2MzA2MA%3D%3D&google_push=AYg5qPJgRUR41FUWXLYw2I8ySh4jjW4kSqkpgIx3er_GgxOMoD68cYK-sZffm_D3spfEY490RWgJ40rUoZF6BEzjS26KIE7-rueH8g
date: Mon, 13 Dec 2021 16:27:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame EDDF 0
75 B 85ms
22ms Image
text/plain 185.86.138.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFvnfxYMXha0DYDh50E3PpE&google_cver=1&google_push=AYg5qPLe50L13w9b_W5cwAXEoL3oiRWZI6YqU81tqKuW6YzIhN3quhS4leyolo60fLS7N4cPY2EqDHPLOFI_PqQyyJqOioO8M8VfRg
Requested by: Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EDDF 0
12 B 16ms
16ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-zwZFzluGbI7G0wwJPWrOeKp5Fsdcm3CP4D3TkzcLbQgCIPC2B05Wo7-E5wM6qqiNHVOt

Requested by

Host: b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
URL: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E6E 35 KB
13 KB 9ms
9ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 21:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 21:37:34 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame FDCE 2 KB
2 KB 12ms
12ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=65&ttfrms=5&brid=3&brver=96.0.4664.93&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTar9EEADTbpTauTauHHH%5D4252%3E%3A%3FFE%40%5D4%40%3E%5D3CTar9EEADTbpTauTau3ff3e7d6b2d3d2%60fafh72f%60aa5fd_d_b%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=303&ddur=22&uid=1639412866005964&jsCallback=dvCallback_1639412866005563&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=50&winw=320&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1940&tgjsver=1940&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fb77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&fcifrms=18&brh=2&sdf=2&dvp_epl=303&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280621528&crt=156986859&btreg=505086692&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=9352503150.357044&dvp_tukv=48322776927.70809&dvp_uuid=675709766.9742821&dvp_tuid=85635607165
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 988439009ac67153d4c5c6d4a436d1309fd63790d9109cbd1c3c3faffcb72a6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:46 GMT
Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/javascript
Transfer-Encoding: chunked
Expires: 12/12/2021 16:27:46

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame E64E 0
305 B 30ms
9ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=e1978bf272a547faa1b56b2ae2cecf89&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=64&eoid=8&msrjs=1940&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=21&tetms=10&msltms=52&vltms=64&sei=289&vetms=16&engms=1&engisel=1&ttfurm=2098&cbust=1639412866075887
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:46 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/12/2021 16:27:46

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E6E 0
22 B 42ms
42ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bq_lJgXS3YYG3Msj5-gbZi43oCgAAAAA4AeAEAg&bg=!4OOl46fNAAZKWFskSlg7ACkAdvg8WstrCCgTI9_wRz1c4sBsKJtlnhTK_r_5MhD1AmIoywjshafUIwIAAABiUgAAAAtoAQeZAzf6ckOvS19MR2UMi8vBh80TPCt0QyUhGeSgdGeuLwCVpv9u1OSgp3uF80yx1WekVMQRrMtZcQs9jOH2L8XhXRAfwqWnwO36gANTNf2yt9gV3nJOAQQjZnrfSSHkWWcHzu1Bw20zfS6yqVpGDwSFLT-cEaDBDwSU8wrdFAJNYVmdpEEeWTdNLr-QQt-OEpzmcVLJRUVBgzruVN0MW3AUewTpX7A8fsH_Y0UmpJtN9yMbqsNGfeZzMK7MoLFxZJLoE48Q8ZmB3iSGHpZL9Zxxps7dvSO7x3trGzxGdlYwnKbcaRvkrdhSqZtEuphfD5CudnHNgT95VYMc9OPSePCI6PWz7gKeeLXNqfsKZExfiuZNyqTB7P0c_uR0P7eiiWPQ188QpQrTTX7SxjsON7sYZwy47R9p_clCqlm2_icEpM7QdhEMuGDhMMeX42VfKL3XVoVBCJ__vOq1KAy4jU51ziz2bpXZly793JVRCjcy9oRahQPlEAcEkDuS_1CNKKVa1rLuXMiesA_bNu-D14iG4YXf4g1eP_XJPSYE6kB47e6xQVm-v1HjcC2v3n_f2D1uXdqade9i91_ILWsMmbrMqm1Cr_JlHIt8MLCKVVoGK4YRhKAC96gn4W0g2HGZ2LouH1NYTRpC0YohJRowdvNCRgo4G-E2ItSqPdR5i4l_rfbF8IjoMxs53zD5dGJ0tPsg9_QL71vGduBUzi1SxB3rSsemL_3Y_3Q0ytHo9INztaphwpQOW0rJbW3c854hXNy7QASoJlaFiBjtcEjCc1zq7fsvShu4w7zdhWAzNMmnpiRKqQm18v327kAUYrQqN28XRpku1T0tYX7jnrc2d1uAB4X25IQxxMdPlBvoTRfmvnF7kAxuCkz-HVu7FCIX5fNsjQV-GQ1bx6yOPAfSlMYAIHJdSuIQseGHmXwqfQ43kPUHu55FbcsRvtjHYI0YePN5gu-Js4nbMzgtkHAYUMEha3LQFSt3s2pcqI8N-hXBnDQDf_pTa2Kj88TZOFvf7r18mTZNRD_hQ06xQDHugnSMzlK9OnZno49pOA4xeb6Q46ypJ5P3ACtyPaeJoDyMeUiVOV36hEyYW9r9

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5DC9 0
729 B 55ms
54ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:46 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8ab86250-a358-40d3-bf3d-8ec5cce60761
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame E64E 0
305 B 9ms
8ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=e1978bf272a547faa1b56b2ae2cecf89&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=10&ismms=27&isumms=27&isvelg=1&nvr=2&elmtp=3&isbxdms=2127&b0=2215&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&lftb=2215&sftb=2215&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=27&dvp_dpr=1&cbust=1639412867073681
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:47 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/12/2021 16:27:47

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1673119859&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Arapiraca%20suspende%20temporariamente%20vacina%C3%A7%C3%A3o%20contra%20a%20Covid%20ap%C3%B3s%20ataque%20hacker%20ao%20sistema%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=369855517&gjid=521981207&cid=283175133.1639412862&tid=UA-98623244-1&sf=10&_gid=1258168280.1639412862&_r=1&_slc=1&z=1363628261

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cadaminuto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 12 KB
5 KB 248ms
42ms Script
application/javascript 2606:4700::6810:ef3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f32397ae-3bd7-4b1c-a6b4-fd4668549872
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d5c3f8780456cf0e542f757c796a4ecb58ec0f217584511969580ba8d51778be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Dec 2021 19:28:49 GMT
server: cloudflare
age: 724
etag: W/"61afb5f1-3152"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6bd08fd64dedf92f-MXP
content-type: application/javascript
expires: Mon, 13 Dec 2021 17:15:43 GMT

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 31 KB
31 KB 215ms
9ms Script
application/javascript 2600:9000:2156:bc00:1c:38a0:8a40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=51&subId=&callback=
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f32397ae-3bd7-4b1c-a6b4-fd4668549872
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:bc00:1c:38a0:8a40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 30134
etag: "cb2b3e45ae50a1cfc9646f528ea92b50"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 13 Dec 2021 08:05:34 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 31281
x-amz-cf-id: 0EIGifS1ctnkIxGvW9Obh5JbZA1V3eUWVgvVIprLv8UmzG6F8z2Bwg==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 41ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-98623244-1&cid=283175133.1639412862&jid=369855517&gjid=521981207&_gid=1258168280.1639412862&_u=aEDAAEABAAAAAC~&z=1218988419

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Dec 2021 16:27:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.cadaminuto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 23 KB
6 KB 64ms
15ms XHR
text/plain 2600:9000:2156:3800:8:9ed9:9c40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=51&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:8:9ed9:9c40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0aec59c0803f49421ffcc6011dc42f89fc1b8f08d525116f1a348b25f362c942

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 13 Dec 2021 09:29:14 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 10:54:20 GMT
server: AmazonS3
age: 25114
etag: W/"ae71ccb26170052ef12b62d80459df1f"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.cadaminuto.com.br
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YXOgO4OAo9-lQbL6RKz5K4M5lgM5tg5B-urZKZa5yH86OtF5h8QceA==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 706 B
614 B 178ms
177ms Script
application/javascript 2606:4700::6810:ef3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d1950fe5697646d88798b21ffcc72287ee8f2834dbad51a9b77d226fc2c218f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 23 Nov 2021 14:41:01 GMT
server: cloudflare
etag: W/"619cfd7d-2c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6bd08fd68e76f92f-MXP
content-type: application/javascript
expires: Mon, 13 Dec 2021 17:27:47 GMT

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 2553 42 KB
15 KB 37ms
8ms Document
text/html 2600:9000:2156:bc00:1c:38a0:8a40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=51&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:bc00:1c:38a0:8a40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/

Response headers

content-type: text/html
date: Mon, 13 Dec 2021 02:46:10 GMT
last-modified: Wed, 08 Dec 2021 10:46:21 GMT
etag: W/"72b7eb0ed3b552f546f4240f3e4e9f26"
x-amz-version-id: mkXtqZN.sX1diyvNHzDOuWx2fzD7.NTz
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: AMGTg-W8trD86ovF-yA8Xewn2LVrRRATKgr5XbRX38el8MmtFSohUg==
age: 49297

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 2553 118 B
872 B 153ms
152ms XHR
application/json 2600:9000:2156:2800:3:748e:7940:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:2800:3:748e:7940:93a1 -, , ASN (),

Reverse DNS

Software

Resource Hash

93dc61b6efff0d04e06d826a99bc7db09f4fc3fe2ac0a4161bb5a50a455669b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 118
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Mon, 13 Dec 2021 16:27:47 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: QOWAbSpHmPfBJM2mDpB7JvP6UL-auyr85xMBAbV6CiPUo33cTA4a_g==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 196ms
148ms Preflight 2600:9000:2156:2800:3:748e:7940:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:2800:3:748e:7940:93a1 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Dec 2021 16:27:47 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fZm9hXJHOTYMADXPDAiXMc4I4MnceIlylXzv472hQdJKpz36N31n1A==

POST
H/1.1 200
OK bsevent.gif
tps618.doubleverify.com/ Frame F2B9 807 B
1 KB 88ms
88ms Ping
image/gif 204.154.111.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps618.doubleverify.com/bsevent.gif?impid=7d2f1e3ea01d4c38a2e884e7ce6325d6&pltfrm=Linux%20x86_64&cbust=1639412867767445
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb07.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:47 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 12/12/2021 4:27:47 PM

GET
H2 200 usr Show response
usr.navdmp.com/ 358 B
478 B 1194ms
1185ms Script
application/javascript 2606:4700::6810:ef3

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=46575&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bcf929b8d955bd27932f75d0b15d5ca2975e4a9a60aaa4ebacaec8f83b9e1bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Mon, 13 Dec 2021 16:27:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6bd08fd7c856f92f-MXP
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Mon, 13 Dec 2021 17:27:48 GMT

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame FDCE 0
305 B 8ms
8ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=ace5dd98018a4d6daabb1f4c2c7a1ade&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=13&eoid=8&msrjs=1940&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=22&tetms=7&msltms=32&vltms=13&sei=290&vetms=5&engms=1&engisel=1&ttfurm=2023&cbust=1639412868024788
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:48 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/12/2021 16:27:48

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 105 KB
33 KB 9ms
9ms Script
application/javascript 2600:9000:2156:bc00:1c:38a0:8a40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=51&subId=&callback=
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=51&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:bc00:1c:38a0:8a40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5024c8562f3a22835ff37215291695e61389d804a4e2ca943eece13960daeca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: GT7I8D0R3oQufoOiLgwsbuUzlEWb3JHV
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 08:42:49 GMT
server: AmazonS3
age: 58360
etag: W/"2f50e5f43fca3ba6efc6a53a514d50c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
date: Mon, 13 Dec 2021 00:15:08 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mWUb2WUFxlPm38rV8OJKBLUP66PGB_PQXQ2NnOkybUoTuLzAFvPWlg==

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/645b490f-24f2-429d-a04c-d266868eea7c/51/desktop/generate/ 1 KB
2 KB 155ms
154ms XHR
text/plain 2600:9000:2156:2800:3:748e:7940:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/645b490f-24f2-429d-a04c-d266868eea7c/51/desktop/generate/t?subId=dlvr.it&browser=chrome&utm=dlvr.it&os=windows&url=https%3A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter%26utm_campaign%3Dcadamin&eu=true&country=DE&hour=16&amp=false

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=51&subId=&callback=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:2800:3:748e:7940:93a1 -, , ASN (),

Reverse DNS

Software

Resource Hash

7dd8e22cd43ea04ebe04cbb74bc4242213ccc7e491e9ac645bc09b144fe738db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Dec 2021 16:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 0
access-control-allow-origin: https://www.cadaminuto.com.br
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: ydCkF5u-pslDTJ_E7kkO3jkL56NHj3F71Kqm8ReABTqV8g1WLTANaQ==

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/645b490f-24f2-429d-a04c-d266868eea7c/51/desktop/generate/ Frame 0
0 150ms
150ms Preflight 2600:9000:2156:2800:3:748e:7940:93a1

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:2800:3:748e:7940:93a1 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.cadaminuto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Dec 2021 16:27:48 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://www.cadaminuto.com.br
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jAR4W-1lWKfzyFW3kYlTRBBbs60sfjH3aT6GR9er0pR90Y0HInJVcQ==

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 519ms
168ms Ping
text/plain 52.42.142.109

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cadaminuto.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 13 Dec 2021 16:27:48 GMT

GET
H2 200 3.video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 20 KB
7 KB 8ms
8ms Script
application/javascript 2600:9000:2156:bc00:1c:38a0:8a40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/3.video-loader2.1-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=51&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:bc00:1c:38a0:8a40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 281b837703bcfe56606f7dce0044f01725b5fa444b22f326b24b4cf78fa6b21a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: aTDZT.PiA_q626OVj8GMxd4M3Jm9TVFO
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 08:42:48 GMT
server: AmazonS3
age: 78069
etag: W/"3f3b83e5861233563c8c72cdfdb211ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
date: Sun, 12 Dec 2021 18:46:51 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UdezoNRD05r9K_qiw6MiQzygRDnMc1k6AAwM3Aovp4MP1Vzo69Pgqw==

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
746 B 84ms
25ms Script
text/javascript 2a02:26f0:60:8a4::2c79

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.video-loader2.1-cr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:60:8a4::2c79 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 16:27:48 GMT
X-GUploader-UploadID: ABg5-UzVSBIf7xAuibqyphT1WUOVX76d9z8DzLd9VBIBeJNK2bSX8FJ44g9pJzmXIEpgcTjwQ9xuKbGbbmbDkDBTSujLh9Cuug
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 13 Dec 2021 16:57:48 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ 27 KB
10 KB 95ms
32ms Script
application/javascript 2a02:26f0:60:8a4::2c79

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=51&subId=&callback=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:60:8a4::2c79 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 7b97fdca40040900c32d349b9e5a352210e5d704dba6e6b8643c3b81d1cd9a4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:48 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdt6hRJtEwT8xoUZPwepB07v_gABhmybu59ZKQCY_tqPtef4Wh2H9lOVc3RlZnm8KMg6kQEJXIVwj2yMWLW14VQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9567
last-modified: Sun, 12 Dec 2021 09:10:25 GMT
server: UploadServer
etag: "d55ca3943f7f701e224f6205a9c9e0f4"
vary: Accept-Encoding
x-goog-hash: crc32c=9HeREg==, md5=1VyjlD9/cB4iT2IFqcng9A==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1639300224946133
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9567
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Dec 2021 16:32:48 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
102 B 174ms
165ms Script
application/x-javascript 2606:4700::6810:ef3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=fdce530a31982dfc2340b258c09%7C0&acc=46575&tit=Arapiraca%2520suspende%2520temporariamente%2520vacina%25E7%25E3o%2520contra%2520a%2520Covid%2520ap%25F3s%2520ataque%2520hacker%2520ao%2520sistema%2520do%2520Minist%25E9rio%2520da%2520Sa%25FAde&url=https%253A%2F%2Fwww.cadaminuto.com.br%2Fnoticia%2F2021%2F12%2F10%2Farapiraca-suspende-temporariamente-vacinacao-contra-a-covid-apos-ataque-hacker-ao-sistema-do-ministerio-da-saude%253Futm_source%253Ddlvr.it%2526utm_medium%253Dtwitter%2526utm_campaign%253Dcadamin&upd=1&new=1&ref=https%253A%2F%2Ft.co%2F&h1=Arapiraca%2520suspende%2520temporariamente%2520vacina%25E7%25E3o%2520contra%2520a%2520Covid%2520ap%25F3s%2520ataque%2520hacker%2520ao%2520sistema%2520do%2520Minist%25E9rio%2520da%2520Sa%25FAde
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6bd08fdf3c97f92f-MXP
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=68130517155
https://sync2.navdmp.com/sync?prtid=2&id=68130517155&google_gid=CAESEEnEV1Gzt9g-T5YyAH7xOC8&google_cver=1

6 B
58 B

198ms
188ms

Script
application/javascript

2606:4700::6810:ef3

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=68130517155&google_gid=CAESEEnEV1Gzt9g-T5YyAH7xOC8&google_cver=1
Protocol: H2
Server: 2606:4700::6810:ef3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6bd08fdf5ccdf92f-MXP
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 16:27:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=68130517155&google_gid=CAESEEnEV1Gzt9g-T5YyAH7xOC8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=8ae361b7-7481-4a00-9fd8-b96af512b7c9

43 B
130 B

168ms
157ms

Image
image/gif

2606:4700::6810:ef3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=8ae361b7-7481-4a00-9fd8-b96af512b7c9
Protocol: H2
Server: 2606:4700::6810:ef3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:27:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 6bd08fdfad4af92f-MXP
content-length: 43

Redirect headers

Date: Mon, 13 Dec 2021 16:27:49 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=8ae361b7-7481-4a00-9fd8-b96af512b7c9
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 13 Dec 2021 16:27:48 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 100ms
33ms Image
text/html 212.82.100.182

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cadaminuto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame FDCE 0
305 B 8ms
8ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=ace5dd98018a4d6daabb1f4c2c7a1ade&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=10&ismms=8&isumms=8&isvelg=1&nvr=2&elmtp=3&isbxdms=2108&b0=2200&adhgt=50&adwdth=320&norwdth=320&norhgt=50&engisel=1&dvp_vsosnmr=1&lftb=2200&sftb=2200&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=50&cwdth=320&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=8&dvp_dpr=1&cbust=1639412869024914
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
Pragma: no-cache
Date: Mon, 13 Dec 2021 16:27:49 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/12/2021 16:27:49

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEChRII5jInA53ohV5CDyYrQ&google_cver=1&google_push=AYg5qPJXsXO1XQbHLUMHtTkvjiCtNshe4PFM0cC9m2BjgVv3RJp_E9nX3oEjMHE6DmLAWav9zXLJnYj1b-oZfLHqKXwfdrf6sYW2NA

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 03:42:44	Name: _GRECAPTCHA Value: 09ABBMTcPrZZ2Pxdhx56H1-r40DvFaMnSCSn0oqOev4JSrEsZQwpk2dIw8QaJYe2P1cEDZjx2fbEIaXZF8oLAm_NE
.3lift.com/sync	1970-01-20 01:33:08	Name: sync Value: CgoIgQIQurP8pNsvCgoI4gEQurP8pNsvCgoI5gEQurP8pNsvCgoIhwIQurP8pNsvCgkICRC6s_yk2y8KCQg6ELqz_KTbLwoJCAsQurP8pNsvCgoIjAIQurP8pNsvCgoIzgEQurP8pNsvCgkIXxC6s_yk2y8=
.t.co/	1970-01-20 16:54:44	Name: muc Value: e531d806-136b-43f5-889e-20c2226886f3
.t.co/	1970-01-20 16:54:44	Name: muc_ads Value: e531d806-136b-43f5-889e-20c2226886f3
.bit.ly/	1970-01-20 03:42:44	Name: _bit Value: lbdgrF-4c402145cd80ece2d2-00P
www.cadaminuto.com.br/	1970-01-20 08:53:47	Name: __atuvc Value: 1%7C50
www.cadaminuto.com.br/	1970-01-19 23:23:34	Name: __atuvs Value: 61b7747e38df0e10000
www.cadaminuto.com.br/	1970-01-20 08:53:47	Name: __atssc Value: twitter%3B1
.addthis.com/	1970-01-20 08:53:47	Name: uvc Value: 1%7C50
.addthis.com/	1970-01-20 08:53:47	Name: ssc Value: twitter%3B1
.cadaminuto.com.br/	1970-01-20 16:54:44	Name: _ga Value: GA1.3.283175133.1639412862
.cadaminuto.com.br/	1970-01-19 23:24:59	Name: _gid Value: GA1.3.1258168280.1639412862
.cadaminuto.com.br/	1970-01-19 23:23:32	Name: _gat_UA-10952075-1 Value: 1
www.cadaminuto.com.br/	1970-01-20 00:06:44	Name: _pbjs_userid_consent_data Value: 3524755945110770
.addthis.com/	1970-01-20 08:53:47	Name: loc Value: MDAwMDBFVURFQlkyMjk3MTkwOTAwNTAwMDBDSA==
.rubiconproject.com/	1970-01-20 08:09:08	Name: khaos Value: KX4W38O8-1R-37Z1
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.rubiconproject.com/	1970-01-20 08:09:08	Name: audit Value: 1\|naVuGyos1qofaDFZe9HIQXNEnEPvxbSem0AuhTX0VRxyH6GfBxt1tnvxw90Kv6obPM3AzuJfv4mskXq8C0iUflww/adD15BgOT72qKi9C9mRGRv3Pn/H7Q==
.360yield.com/	1970-01-20 01:33:08	Name: tuuid Value: 2d68b756-8127-4539-8eea-3761646da0f5
.360yield.com/	1970-01-20 01:33:08	Name: tuuid_lu Value: 1639412862
.adnxs.com/	1970-01-20 01:33:08	Name: uuid2 Value: 7545439605706458514
.doubleclick.net/	1970-01-20 08:45:08	Name: IDE Value: AHWqTUkARbPfsRODf2sbUIXy91YbmlMHH3zacboKSyFB4uYeR7iQ-PAd-2DkdseVRnI
.casalemedia.com/	1970-01-20 01:33:08	Name: CMPS Value: 3228
.casalemedia.com/	1970-01-20 08:09:08	Name: CMID Value: Ybd0f-5Yk-gC4uLltysiJgAA
.casalemedia.com/	1970-01-20 01:33:08	Name: CMPRO Value: 1193
.criteo.com/	1970-01-20 08:45:08	Name: uid Value: 56c99491-38d6-4815-9e51-a388f89e823d
.adtelligent.com/	1970-01-20 00:52:49	Name: vmuid Value: f6298c1073558374
.cadaminuto.com.br/	1970-01-20 08:45:08	Name: cto_bundle Value: UdFKRF9McyUyQlhxM2I1QkZSV3UlMkJkaWJRcmlWbXRiWEk1Z3daJTJCbXpxVHVrdXZMMm5BSGI2NGdYWElmQ3BuS3NGb2ducWg4Nm1RYXAyRGFMJTJGcGNLYUxBWGpGQmVYdTRFVzdCNUVYdnNZTVdBUFJFNDZxWXVnRGRpSzUydyUyRndOTjVacVlvenVvUTF6Mlhhc2ZBY0VEZVFKJTJCQ1RZdXclM0QlM0Q
.3lift.com/	1970-01-20 01:33:08	Name: tluid Value: 8109842988422363060
.bidswitch.net/	1970-01-20 08:09:08	Name: tuuid Value: 2975ef73-d23c-40d9-9ad9-a6906329ec93
.bidswitch.net/	1970-01-20 08:09:08	Name: c Value: 1639412865
.bidswitch.net/	1970-01-20 08:09:08	Name: tuuid_lu Value: 1639412865
.bing.com/	1970-01-20 08:45:08	Name: MUID Value: 10C685A1E1C66F35194894ADE0146EFA
.turn.com/	1970-01-20 03:42:44	Name: uid Value: 7119648974622752365
.adnxs.com/	1970-01-20 01:33:08	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI3NTQ1NDM5NjA1NzA2NDU4NTE0IiwiZXhwaXJlcyI6IjIwMjEtMTItMjdUMTY6Mjc6NDMuMDkyODQxMDQ2WiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiIyZDY4Yjc1Ni04MTI3LTQ1MzktOGVlYS0zNzYxNjQ2ZGEwZjUiLCJleHBpcmVzIjoiMjAyMi0wMy0xM1QxNjoyNzo0MloifSwiYWR0ZWxsaWdlbnQiOnsidWlkIjoiZjYyOThjMTA3MzU1ODM3NCIsImV4cGlyZXMiOiIyMDIyLTAzLTEzVDE2OjI3OjQ1WiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjgxMDk4NDI5ODg0MjIzNjMwNjAiLCJleHBpcmVzIjoiMjAyMi0wMy0xM1QxNjoyNzo0NVoifX19
.cadaminuto.com.br/	1970-01-20 08:45:08	Name: __gads Value: ID=f348703a979d62aa:T=1639412862:S=ALNI_MZtPab188y8AaTq0juEU743RJKeLw
.adsrvr.org/	1970-01-20 08:09:08	Name: TDID Value: c264eebb-1f8c-4bc9-ad8b-42f915dd20ab
.yahoo.com/	1970-01-20 08:09:30	Name: A3 Value: d=AQABBIF0t2ECEJVKFlGZ2gPFanyj_C3yka4FEgEBAQHGuGHBYQAAAAAA_SMAAA&S=AQAAAjKR131PaGQgTJuMfbWLuso
.adsrvr.org/	1970-01-20 08:09:08	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCK65_O7wl586EAUYBSABKAIyCwiuq9Wbh5ifOhAFOAE.
.smadex.com/	1970-01-20 08:01:56	Name: smxtrack Value: e6c310aa-3d9d-49c7-999f-874ac8daef51
.adnxs.com/	1970-01-20 01:33:08	Name: anj Value: dTM7k!M4.wgjZ%3ghqdmU(7TMeWMpK#?nHU2hk_>2[Rgl?UA!QhEt)H]whcL#dl!A>=P3$:<FK5w`%:W.ZuBRE)gt_>UdU3PVXC+3%t1q$I`BZ6pG5VDF_3Aw<3KqcJ4_BS$GkZGVLW!y>fVD)kw+Tnh1w0NMvUV)ZJ2P<>bSGn-<Fu!7JCzFivG44uw!b+h/Sj^RBU>tqMis+L#O5QveEja+omQ^TWBnS3I?-K'qA1f
.casalemedia.com/	1970-01-19 23:24:59	Name: CMST Value: Ybd0f2G3dIEA
.casalemedia.com/	1970-01-20 08:09:08	Name: CMRUM3 Value: 2d61b774812760CAESEH7p6x7GD_cSBfzNhnIe6cY
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:55:26	Name: bcookie Value: "v=2&8f466db9-26f5-433a-8fe5-0baa5813125a"
.linkedin.com/	1970-01-20 16:54:01	Name: li_gc Value: MTswOzE2Mzk0MTI4NjU7MjswMjEfOrINdQiGmCC07N6bvBbjP2/fH1DRcxORedLXcYt0ZQ==
.linkedin.com/	1970-01-19 23:24:59	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2603:u=1:x=1:i=1639412865:t=1639499265:v=2:sig=AQGMK-9FirZIEp3uParN0xsnwSNaYj7P"
.amazon-adsystem.com/	1970-01-20 04:11:32	Name: ad-id Value: A9p6q51o-klxj5aHSPqbL6g
.amazon-adsystem.com/	1970-01-21 19:40:20	Name: ad-privacy Value: 0
www.cadaminuto.com.br/	1970-01-20 08:45:08	Name: cto_bundle Value: CFrv6V94TWxDckdEZFVSRnVHZGdsQXVxYmZBN1ZSckdjTURIMVBoTWxvRFJiSzFCOFhSaTZ2Z0tkOSUyQlJwb0tOQVZOQSUyQkVCSlpCeG1HVWJFNVRCMDJkOUh1dkZsRGFtWVJBTkhsZjRRYVFUWlg4cm1BY2FicmxxSktaNCUyRjlvNCUyRjdDUE02cWJ4MEZmaW12bHNVeURUdGpYUDM0dyUzRCUzRA
www.cadaminuto.com.br/	1970-01-20 08:45:08	Name: cto_bidid Value: -cqDKF9uUjVWbUxHVGppNUNlMjlWZkpCVXRkaVVRbEp5VmhaMmdNUUdESHNaa1d2NTduR2hkODFBVGZqS0xlbG8zRjNvb2czVU1uTUs2OVFJZ3ZlSE1paGlndHclMkJpSldjYUlxaVA0bG5aR0M5ZyUyQlU3JTJCMnRKYmhoZkI5YVBMaCUyRloxTW9H
.mathtag.com/	1970-01-20 08:49:28	Name: uuid Value: 8ae361b7-7481-4a00-9fd8-b96af512b7c9
.m6r.eu/	1970-01-19 23:23:36	Name: test Value: true
.m6r.eu/	1970-01-20 01:33:08	Name: cct Value: 1639412866072
.m6r.eu/	1970-01-20 01:33:08	Name: id Value: 0fb0d2bfdc39fed9c25b383e440517c6
.everesttech.net/	1970-01-20 08:09:08	Name: everest_g_v2 Value: g_surferid~Ybd0ggALojlrTQAz

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
adservice.google.com
adservice.google.de
ae1c800f20d89f05d74130ecb98fb7dc.safeframe.googlesyndication.com
analytics.cadaminuto.com.br
audima.co
audio.audima.co
avm.avantisvideo.com
b1sync.zemanta.com
b77b6f5e3a5b5a17279fa7122d750503.safeframe.googlesyndication.com
bidder.criteo.com
bit.ly
c.bing.com
cdn.avantisvideo.com
cdn.doubleverify.com
cdn.navdmp.com
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.smadex.com
cms.analytics.yahoo.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events1.avantisvideo.com
fastlane.rubiconproject.com
firestore.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
img.cadaminuto.com.br
m.addthis.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.rubiconproject.com
play.aniview.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid.adnxs.com
px.ads.linkedin.com
rtb0.doubleverify.com
s.amazon-adsystem.com
s0.2mdn.net
s7.addthis.com
s8t.teads.tv
script.4dex.io
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
static.avantisvideo.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.mathtag.com
sync.navdmp.com
sync2.navdmp.com
t.co
t.teads.tv
tag.navdmp.com
tags.premiumads.com.br
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tps618.doubleverify.com
tps628.doubleverify.com
tpsc-eu3.doubleverify.com
tracking.m6r.eu
usr.navdmp.com
v1.addthisedge.com
www.cadaminuto.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
s7.addthis.com
sync-tm.everesttech.net
104.107.161.75
104.244.42.197
104.85.0.246
104.85.1.154
142.250.184.194
142.250.184.226
142.250.186.134
142.250.186.162
143.204.98.87
151.101.193.108
151.101.2.49
178.250.0.165
178.250.2.146
18.193.179.35
184.30.24.121
185.29.132.245
185.33.221.90
185.86.138.131
199.187.193.182
2.18.232.7
2.18.233.201
2001:678:cb4:bbbb::11
204.154.111.110
212.82.100.182
23.79.143.124
2600:9000:2156:2800:3:748e:7940:93a1
2600:9000:2156:3800:8:9ed9:9c40:93a1
2600:9000:2156:bc00:1c:38a0:8a40:93a1
2602:803:c003:200::41
2606:4700:20::681a:15f
2606:4700:20::681a:8a9
2606:4700:20::ac43:4a15
2606:4700:3031::6815:5b8f
2606:4700:3034::ac43:de16
2606:4700::6810:135e
2606:4700::6810:ef3
2620:119:50e8:101::9002:f05
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9c
2a02:2638:1::13
2a02:2638::3
2a02:26f0:60:88b::4469
2a02:26f0:60:8a4::2c79
2a02:26f0:6c00:19c::26e5
2a05:d018:d29:3605:ccb:acde:da2f:31fc
3.33.220.150
34.149.12.213
35.244.174.68
37.252.161.190
50.31.142.95
51.89.9.254
52.42.142.109
52.46.154.242
52.48.46.48
62.149.0.72
66.155.71.25
67.199.248.11
69.173.144.165
72.251.244.140
76.223.111.18
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
04791da198db85f0d288f3fac9723eb0e2e5523183a359aefd1f1010935e0f02
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0aec59c0803f49421ffcc6011dc42f89fc1b8f08d525116f1a348b25f362c942
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9922446c735e6bdfced02a4522c6092c5ffe5ceac954c9a09e6e8df0b5b030
0bec953577ff611fc61ffa29cbcdbd12d0f025c4ec418bda8e36918e7f5930a6
113e30ed7d62f56a8334877ae0bba2f6bcff38c46eac9ebb0bc482d1a5b222e5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ad76fb4b3601dd03473fbf2b409d958e1c98874176219884ae67372adc5267
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
192a341d270da81327cdfb94c0c201011c0bcc86c0a9b598053169e5c7d61b91
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e3126f4b1713295ca3a4510ea8a6be422cfe78cc9603dc8351818edcc6a1254
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
22efd5c5c7c805793cfdd261f9bb688a84a3dc996a343c8ff3b7a2c86a2f2a65
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
27fb32285e8a2600b427c147efa1d561f02e949dfa638a00480340a0b16a5ffc
281b837703bcfe56606f7dce0044f01725b5fa444b22f326b24b4cf78fa6b21a
2c6ac8507aa8c7a22d748fa39ff72874a3c862d7461d91b7055c51141e47f966
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
30561c4116adf3801524426f63bcbfe56c855440fa5390fbc09e1e5abb91746d
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
349ce09d0aceb7ea96173c1d73dec16b8405b89453da98274e098491d9bbc180
355dbd55d6b0c58a833bf2dccd44665f768190e11c436de0afcdf996be53cf7c
36c0c8ec2d94cd96be84befb7afb71088c91a5550c9820dd061792f09a807b9b
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b93824cbdab791dcc1a2fe0c5b34f3b2759d354f9075eacceb4c67418812aec
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d1f9b2d47093179cd4562887361dcaed6da7cc91075743ed6e768d9e91fc344
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d0a4bdc96c431bc57e293029d1ccc94aff164021fbc3942e38b3d4df43d282
429f69b29c558dc7c31e98bf3e06d0940b207638f8b1ffe65a6f8374d0063777
435ab5fee7aff8f86225ab5e8f9c0c4cf82016432ab93295721df5e464c5f51e
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
474118e144accf0ada7019e2a2abe64085b8f8c84589c978a375ea453297fa0c
4ad12268da77c77a50ec33f5771a9ef64d33d53335c03a23b3d459be4544b5c2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c46f3db0c3a352c7797dc4e327b8a4270f60923d01ee6fc1871316eaff82182
4cd97f7cc199f7aa1c3b23ff9e21c46846003a0f7bf986e8e86cf20b6f55727c
4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f
4fa7d0808391f4006d66b3bb9b01ffae822abedd0ce403834460d81626e33b17
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
54465fe0b05e2deb901b5531e8ef17d4e0dd7aaafd7cddee7b7f47ee594f1e9b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
575afcb369fe859a676133a1a0624c3746ffa286fddfc7d2c228b8fad1a80a09
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5becd33a92036d90d10274c26d5d8af2821bbf8297d30d6343133eba6c8b4924
5bed973be807590dc417b3198008056cd2d5c7f0c1029535ad4a3c11a337d145
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e68754d7f0d50875df26b44faa8f8a82d86be719de23fb19319dbfe5dbf296
63f9cfdc969fcfa0ba6f76de8cc24f3872b1c039b3bb284612242954d7d50f26
646258c0e3b709edb3aa4489aa142ef62cdf4cfa7a7ddbc7c7c752b10ace2831
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66d2d3a3d3aa76a0660fb7c0de89bb58cebddaecdf066484a26ff8dd83053d34
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bcf929b8d955bd27932f75d0b15d5ca2975e4a9a60aaa4ebacaec8f83b9e1bb
71155c62fa97e8e38e2ba4eaa47d56563d65129d2d05420cdcdd0bc3efdcf9bc
715018c214053075d70b38f7a2bc2756d40d3897d3774d0aadb816b6fdb86d35
7345197b597e660c738cafa70ebdec6821036fe485ad67c9f3c29c0c0385c5e6
7595f182d3f1718cda3774ad56670e50f6baf5eb9320e3bbaf71a0019125e485
789cee8b1b73c116de5e34fd53cde9eab8a768411bc9231731fcc6cab753f9d2
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7b97fdca40040900c32d349b9e5a352210e5d704dba6e6b8643c3b81d1cd9a4a
7dd8e22cd43ea04ebe04cbb74bc4242213ccc7e491e9ac645bc09b144fe738db
848f9542f98ad26853abd0026a3c8c28d524e31e2112773ef6b8657a86ab4f25
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8d4bfe51b12bb290dcff62be14e7029e4bd736d66638847cd69f8257a83be7b1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e9af80a7117292b028470d0240b91522e74ee054a48151e6554f8aa1b2d02b9
8fe8677633636b0791f3a04dfc9b99652a51d30bc00092450c34379deee00f2d
92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1
93dc61b6efff0d04e06d826a99bc7db09f4fc3fe2ac0a4161bb5a50a455669b7
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
97e9b984417245777c6c4082fe1e448e483c183a1ba916b60cc9a8fc78d766e5
987003625f0a7205f92a3ab9461a5be4b06ffb8bd045fabbc4c926c6fda28a11
988439009ac67153d4c5c6d4a436d1309fd63790d9109cbd1c3c3faffcb72a6c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ee86af243da0d9b241f2f5c2adf6ec4f728bed1be1aad36337f9a208ecd3b8a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a017571443bb27ca29ee2d9221639df656b0b5f3b0f370fc68aac31fa98ef30c
a022c341461e50e5e93157549e8c3c2485cef872ba39ded734a121470ee0e6c8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bf55ed543cabc1258e643b862f5c35ffbe2186910eb67f4030f482a0680cd5
a5f4df4b4a891fe54c7f385e7402c4249e11a7a3fa8496c7e7df028628ef0645
a705940924a834908c31f9447b78380ffd2ee23021049c43d18088de246ab054
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
acf5a8ec1316a73cfe9de3fce899c49d2e770bd8170a5e2017b445dd424fdd2d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee358310b5136f91e8a325a9edd8b997a1f932324158f0f0372423bc5018040
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7ca5ab62de4c4eef9906aae2ced444ff6df4d3391d9f09d2fa1fbde55503113
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb82fae4ecdbe615b65a3fa94287df262ceb4aeacc3e36def75b7ee8fea38d19
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
c0e4c29899d8162c424a4f130cfddb979bfce21b69885a6f4087cb97e0a6cf7e
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
c26099049a8384d1e39b1ff46ea05561556a6caa6c03bad3c2995c1e1d248ad5
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3887e88aa38108fa504c32cdb5a8a6d774bfc5b7090490297903e873acb0300
c44e54b4d766bdf3de931ba731e0b6d19ca81e440f1562d91b44101381d99ee6
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c7611d990fa2936442cf20b365ffa4ab41607a9ed5af0668c01f8225ac10e47b
c873908807df171dac681a7c9795f82745498b824a7525d79aaccd0b30fcfd3b
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
cb19ebdeca811fb2873e05827caa88cf76251e2d8fd1149008c2512a8e141800
cb9e0b144974816b9927528758390cc58047707dea7411497a8dff1f50fad73b
cc1407cd98f7348965efd8ab9190e1dd01af73faaa0574dcb9936df5400d2d27
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce31a78565b5acde46f61d569714364485b34eab94e65a5cdfb36a8725346c52
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d146304fec35d9e6041e5da14526fd0a2c478e8941906a1e45fc872d31190b85
d1950fe5697646d88798b21ffcc72287ee8f2834dbad51a9b77d226fc2c218f9
d5c3f8780456cf0e542f757c796a4ecb58ec0f217584511969580ba8d51778be
d66fa02830a2f40de12b131be3ee8ae1321c2f88bc7264bbdf071643a47e7542
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
da91800befddd4d71c2a8a949f8e4c3bfe0e5c0dcaeb62ca26b3a3d373d1bd3a
dc3e6fd5d8163e461f9d70fa542f4e3d05b0dc9134e70b144fc5a724ef67c0f0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e10d0419b61c7081ab86071e9d94b62d0e3eaf4250dfcbe91eee6158378f78ad
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4647c0b382d507df5fb300be8550276dcd839305772a6bd85ea97f6c0ae533a
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e70d22dabd1a3c5ce0437439b3fd81b78c60d941dad64005d41d5b186e9a464d
e873ac7aff4b933ec608556a1e2a39d7ac230628a8ba194fb12523d419801e33
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea4f7780392f4165a1fdb5528ca84f4ae6df2007864849900478040be222a45f
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
eda26430dbd58fedf7e2c772bd6e2b344ffe2019e1628c81a39779369bd58a91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6755f4325220e4fe3e9b785e24e416ab4b98adc1757ac5648d838a9a9ca90b
efd08389bfaebe8d7310b30ce5a03b74bfcfdeaebb9ccdd2735745d2d6cf83da
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f5024c8562f3a22835ff37215291695e61389d804a4e2ca943eece13960daeca
f693f7378370275383c83d6edf23e6ac68ccad9fba805c217040f618c700b85f
f6f7962f61dd8785fe4cc055a6386f1fe3ccd6b8a4e83769091ee9ec91ca9f08
f7473a96bc1be6e95e90ef09ea6b40ce3870fd2f161ae995a3a321bcc8d91c25
f89b76cc0da8365582eebe7368f357244c37599576358f646bb506cba5458147
fb8c210d0a617ffc3acfab996ec9b910223dd739beb4808777f336414a036290
fc93131839d7d8bcccf6d001ac6a4e11ffe7a7986a60869dde3267efcac8baff
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.cadaminuto.com.br Open in urlscan Pro 2606:4700:20::681a:15f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

278 Requests

88 %HTTPS

49 %IPv6

50 Domains

92 Subdomains

66 IPs

9 Countries

3599 kBTransfer

9968 kBSize

56 Cookies

5 Outgoing links

Page URL History

Redirected requests

278 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cadaminuto.com.br Open in urlscan Pro
2606:4700:20::681a:15f Public Scan

Screenshot
Live screenshot

Full Image

278
Requests

88 %
HTTPS

49 %
IPv6

50
Domains

92
Subdomains

66
IPs

9
Countries

3599 kB
Transfer

9968 kB
Size

56
Cookies

278 HTTP transactions
5 data transactions