www.baixaki.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.baixaki.com.br/
Effective URL:
https://www.baixaki.com.br/
Submission: On November 17 via api (November 17th 2023, 9:04:01 pm UTC) from US — Scanned from DE

Summary HTTP 449 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 65 IPs in 8 countries across 56 domains to perform 449 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.baixaki.com.br.
TLS certificate: Issued by GlobalSign ECC CloudSSL CA - SHA384 - G3 on May 26th 2023. Valid for: 6 months.

This is the only time www.baixaki.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 86	179.191.182.65 179.191.182.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
8	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4606	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2606:4700:20:... 2606:4700:20::681a:ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	18.245.60.107 18.245.60.107	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:ba00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	3.232.12.98 3.232.12.98	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 43	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 2	52.51.13.119 52.51.13.119	16509 (AMAZON-02) (AMAZON-02)
1	3.33.153.203 3.33.153.203	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	108.156.60.116 108.156.60.116	16509 (AMAZON-02) (AMAZON-02)
2	52.51.176.114 52.51.176.114	16509 (AMAZON-02) (AMAZON-02)
29	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:20:... 2606:4700:20::ac43:4637	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:9000:20a... 2600:9000:20ab:c800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2600:1f18:1ac... 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.95.152.229 13.95.152.229	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 24	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3 3	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	54.154.243.27 54.154.243.27	16509 (AMAZON-02) (AMAZON-02)
2	217.182.178.229 217.182.178.229	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	23.35.233.56 23.35.233.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.214.145.42 35.214.145.42	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.29.179.202 52.29.179.202	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:8101:fe84:3355:65	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
2	23.212.218.19 23.212.218.19	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.222.214.37 52.222.214.37	16509 (AMAZON-02) (AMAZON-02)
449	65

86 179.191.182.65 (Offenbach, Germany) 1 redirects

ASN52580 (Azion Technologies Ltda., BR)

www.baixaki.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bk.ibxk.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tecmundo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4606 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
disclaimer-api.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ab (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 4.227.249.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-107.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:ba00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.12.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-12-98.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.13.119 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-13-119.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.153.203 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4b61a47cf5978487.awsglobalaccelerator.com

de2-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-116.ams1.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.176.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-176-114.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4637 (United States)

ASN13335 (CLOUDFLARENET, US)

osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20ab:c800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.95.152.229 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.smrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 216.58.206.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.118 (Loerrach, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.243.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-243-27.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.178.229 (France)

ASN16276 (OVH, FR)
PTR: ip229.ip-217-182-178.eu

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.233.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-233-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.145.42 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 42.145.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.179.202 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-179-202.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:8101:fe84:3355:65 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.214.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-37.fra56.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	651 KB
71	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	782 KB
54	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 154 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	567 KB
41	ibxk.com.br bk.ibxk.com.br	112 KB
24	baixaki.com.br 1 redirects www.baixaki.com.br	272 KB
21	tecmundo.com.br www.tecmundo.com.br — Cisco Umbrella Rank: 661344	500 KB
17	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 pixel.adsafeprotected.com — Cisco Umbrella Rank: 736 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	203 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 33424 ad4m.at — Cisco Umbrella Rank: 12394 assets.ad4m.at — Cisco Umbrella Rank: 45800	121 KB
13	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732 dis.criteo.com — Cisco Umbrella Rank: 597	173 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	179 KB
13	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	2 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	604 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 u.clarity.ms — Cisco Umbrella Rank: 7536 c.clarity.ms — Cisco Umbrella Rank: 1405	29 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	590 KB
7	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 28178 usr.navdmp.com — Cisco Umbrella Rank: 33544 cdn.navdmp.com — Cisco Umbrella Rank: 7255	13 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	87 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	104 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
5	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 120823 osp-assets.pn.vg — Cisco Umbrella Rank: 195184	74 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	2 KB
4	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	2 KB
3	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 872	10 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 746	972 B
3	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 823	248 B
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	2 KB
3	adsrvr.org de2-bid.adsrvr.org — Cisco Umbrella Rank: 13793 insight.adsrvr.org — Cisco Umbrella Rank: 584 match.adsrvr.org — Cisco Umbrella Rank: 353	2 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 18131	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 495	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	957 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 683	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	450 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	10 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 774	89 B
2	360yield.com match.360yield.com — Cisco Umbrella Rank: 2249	397 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 795	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 150954 static-de.ad4mat.net — Cisco Umbrella Rank: 188473	4 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	goadopt.io tag.goadopt.io — Cisco Umbrella Rank: 158703 disclaimer-api.goadopt.io — Cisco Umbrella Rank: 171646	99 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 90716	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 83719	426 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 82742	257 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	762 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	715 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	548 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 940	416 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	608 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	464 B
1	smrk.io p.smrk.io — Cisco Umbrella Rank: 222264	566 B
1	truste.com choices.truste.com — Cisco Umbrella Rank: 883	10 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1376	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1585	15 KB
449	56

	Domain	Requested by
43	tpc.googlesyndication.com	1 redirects 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com googleads.g.doubleclick.net ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com www.baixaki.com.br tpc.googlesyndication.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
41	bk.ibxk.com.br	www.baixaki.com.br
38	imageproxy.eu.criteo.net	ads.eu.criteo.com
29	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
28	pagead2.googlesyndication.com	www.baixaki.com.br pagead2.googlesyndication.com ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
24	cm.g.doubleclick.net	4 redirects ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
24	www.baixaki.com.br	1 redirects www.baixaki.com.br cdn.pn.vg
21	www.tecmundo.com.br	www.baixaki.com.br www.tecmundo.com.br
16	securepubads.g.doubleclick.net	1 redirects www.googletagmanager.com www.tecmundo.com.br securepubads.g.doubleclick.net 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com www.baixaki.com.br
11	www.googletagservices.com	03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com googleads.g.doubleclick.net fw.adsafeprotected.com ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com s0.2mdn.net www.baixaki.com.br
11	www.google.com	2 redirects www.baixaki.com.br ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com tpc.googlesyndication.com
10	dt.adsafeprotected.com	03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com www.baixaki.com.br
9	fonts.gstatic.com	www.tecmundo.com.br fonts.googleapis.com
8	www.googletagmanager.com	www.baixaki.com.br www.googletagmanager.com www.tecmundo.com.br
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.baixaki.com.br ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	s0.2mdn.net	www.baixaki.com.br s0.2mdn.net
6	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	fonts.googleapis.com	www.tecmundo.com.br ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.baixaki.com.br
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	ad4m.at	as.ad4m.at ad4m.at
4	dis.criteo.com	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
4	as.ad4m.at	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	www.gstatic.com	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com www.baixaki.com.br
4	csm.eu.criteo.net	ads.eu.criteo.com
4	u.clarity.ms	www.clarity.ms
4	cdn.pn.vg	www.googletagmanager.com cdn.pn.vg
3	choices.trustarc.com	choices.truste.com
3	onetag-sys.com	2 redirects ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
3	image6.pubmatic.com	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
3	dsp.adfarm1.adition.com	3 redirects
3	a.tribalfusion.com	1 redirects ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
3	ad.doubleclick.net	2 redirects www.googletagservices.com
3	static.adsafeprotected.com	03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com pixel.adsafeprotected.com
3	cat.nl3.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
3	03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	tag.navdmp.com	www.googletagmanager.com www.baixaki.com.br tag.navdmp.com
3	www.clarity.ms	www.baixaki.com.br www.clarity.ms
2	www.awin1.com	as.ad4m.at
2	c.clarity.ms	1 redirects
2	pm.w55c.net	2 redirects
2	googleads4.g.doubleclick.net	www.baixaki.com.br
2	secure.adnxs.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ap.lijit.com	2 redirects
2	sync.teads.tv	1 redirects ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
2	ssum-sec.casalemedia.com	2 redirects
2	r.turn.com	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	ssbsync.smartadserver.com	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
2	match.360yield.com	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
2	um.simpli.fi	2 redirects
2	www.googleadservices.com	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
2	rtb.nl3.eu.criteo.com	03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com www.baixaki.com.br
2	pixel.adsafeprotected.com	03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
2	cdn.navdmp.com	tag.navdmp.com
2	usr.navdmp.com	tag.navdmp.com
2	sb.scorecardresearch.com	www.tecmundo.com.br
2	www.google.de	www.baixaki.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	c.bing.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	csync.loopme.me	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
1	cms.quantserve.com	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
1	s.tribalfusion.com	ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
1	prod-rtb.ad4mat.net	www.baixaki.com.br
1	rtb.fr3.eu.criteo.com	www.baixaki.com.br
1	p.smrk.io	cdn.pn.vg
1	osp-assets.pn.vg	cdn.pn.vg
1	choices.truste.com	03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
1	insight.adsrvr.org	03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
1	de2-bid.adsrvr.org	03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
1	disclaimer-api.goadopt.io	www.baixaki.com.br
1	ping.chartbeat.net	www.tecmundo.com.br
1	static.chartbeat.com	www.tecmundo.com.br
1	tag.goadopt.io	www.googletagmanager.com
449	88

This site contains links to these domains. Also see Links.

Domain
www.tecmundo.com.br
nzn.io
www.megacurioso.com.br
www.clickjogos.com.br
disneyplus.bn5x.net
amzn.to
net.geo.opera.com
nzn.gupy.io
goadopt.io

Subject Issuer	Validity	Valid
azion.com GlobalSign ECC CloudSSL CA - SHA384 - G3	`2023-05-26` - `2023-12-10`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
pn.vg GTS CA 1P5	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
smrk.io R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-09-26` - `2023-12-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh

This page contains 40 frames:

Primary Page: https://www.baixaki.com.br/
Frame ID: 7E4FFE5D4E14634CA81BE517537D6485
Requests: 115 HTTP requests in this frame

Frame: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Frame ID: 53F7C766B446D8AF695EA8E1D14481A2
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 759E11FD04647C7AF5EF65FBC9C07E98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7019091094896260&output=html&adk=1812271804&adf=3025194257&lmt=1700255033&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.baixaki.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700255033066&bpp=3&bdt=2808&idt=335&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2968005148359&frm=20&pv=2&ga_vid=29021821.1700255033&ga_sid=1700255033&ga_hid=215414781&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078301%2C31079698%2C44807763%2C44808148%2C44808285%2C44809055&oid=2&pvsid=3143800575038114&tmod=89457674&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=378
Frame ID: C18885A9062657C517FEC43F36597106
Requests: 1 HTTP requests in this frame

Frame: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0978E39238F92AABC905329A9E564C55
Requests: 1 HTTP requests in this frame

Frame: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 340E2D6EEAE5723EAABC5676489EE412
Requests: 8 HTTP requests in this frame

Frame: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 30F991FEF4FC7C24195DFE41C1D06470
Requests: 35 HTTP requests in this frame

Frame: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42E04756DDC72E374874FFC55C772DFC
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVfVOQAMN5oKe6AZAACphxOS5SKNV95IrWRkhA&u=%7CT5r8n43arj2%2FBnMahs3MaGmhpLiNYaW9c6RBkkNEJj4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyRUAeNv4apneUh2EL6ha-6XejKOxrhIXlc8i_xR21Nl0IjfMFfVjUTCXXGW3KrzsqA_IO_ludDri5mQ3mvFtGOvJ4SueMZCcAwrN_ihkU5huesg9mx38Ewb0W2lSDjdfeJpc5BjmA5L3x17_4V8aKjVbgOb45aISxM4Y1dQh2CWwOTpfVp6XWKGRCfuG1A6yeuhJOtfVJKny2xN9XdCc6fxX9yFNLbLIGbvc6c23AbLe3v689cZq9Tm-N4YKsyTx0qZaoeKzdOh2-BFHMi22m4WydnQvRNCIGZYNARhnLjqFz32uyKUdeLkgXieQWy0MGrNdlIZ3UCyyvTDkExVVCoDBVcgzsq4-IujkJ70qyVv_IrFXylN0Z67Giv3WWV50Sr-jpiZ5TmqMbmBJ8OmiqrseQ9ZJOs6A3Esb1GCxyl1ff4J7iayZC8rLQT9jSeC7XYlSm2yzIO1yJhKkHGtF7f-z6u10DKj8sUW_TWkjORgDa-cJiK_XfwtGSk0CMTgozpdtX3fRY22VuamqC8QuJINvZ3m6a3NtzO_FFBl_gmtVvl-E-ZqXjAJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs6gpOdVXZZrvMJnA7gOH04KYAcme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBL4CT9C_gmGTWQ5Oj77jHTcZfPg3zwCQk2PA8WTotOw_kL5y0VRsao8LV5p15Mw6588Hh6aD8j3FAvdeVdgqlPbha4nwTSvsEq6-qDpIu1PTGeIZzAUHdis2ztiRPhtn27XvMwbJDk69C4ZIXHz-1W56eMJ77wBKFW9sge02ovQSeqDNwxtqFPMeREBpTnDnYs9Y5RsP8gRLJlu-fRFz0Cke7zCzW0fPyHxqPufj2JWb1hbGtXQJyJ1AUdNZBCGAVJw43zSpCzuXjG0XAZj7fI6GgaaFVXQSBM6bX771csQtSgwTJtiT99lEri_T07hppklqdte1p9mIN8RrjmN-P7UfrPpCV2gkz7ffov5Ks3ULZF8jGNhdxkWZc-bfI4QP8ljLyC3ricXAXjVW6pat1kfTg8lEseK8fs-Kn64y9xay4AQBgAa2ypLfn6janpYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHiDRMIldbDyvfLggMVGaB7Ch2HqQAT0BUBgBcB%26num%3D1%26sig%3DAOD64_1biGLEY_MB8Dy1CPhAvckqVGRqzQ%26client%3Dca-pub-1712420989769758%26adurl%3D
Frame ID: 6862D66B9F2734239BC9912735968AC2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E9B54F0F67C42157A3D0C05FCEA2CE76
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C3DC3CA2183E62190C74E57691292EC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D2BF76252EEC69A2CCF0EE2A6DB709D1
Requests: 2 HTTP requests in this frame

Frame: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5372F50A49F64B27B5DBB8A58B2F7BAB
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D1A303F2A59F471B5C2F90527176A1D1
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 9C20B4D3B558D6A03FF5B0DB4B43D69E
Requests: 17 HTTP requests in this frame

Frame: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EAFBC9D45EFEBAD56F0C9887067411AB
Requests: 9 HTTP requests in this frame

Frame: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AA2EEDBBBDDB3BB1CCB61F79F5CC58A5
Requests: 9 HTTP requests in this frame

Frame: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A521099839DD6EEC54ED3FEEDC8BE9CC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 47AF3BE447E28E97824483084AE06566
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVfVOgAC6-0Ke7xTAAlctK8LkLPx2kKAi2IAvQ&u=%7CM4oPt2nQRDwUMAMgWAZ9LS%2FAp3%2FM9yUHKDCXrNUZBZU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF6S88U_parnddOln9oo_0N6JiK1k4rFtTc2HkATgykOlcU4lDaIvienmNZK933_AAgtp-3PVjJW6IbZL5mq8_As_WT5vPwOM_S7zI_EeE7q_sl-1O-sYrWKXUrgWdZFV3TorAGbXJQNgHfw4MfY-7lusBqsZDLuC8Wa7gOSieQkykiYI-rAO-FRWxVBak3HK99M10ticQqkXeBodATi361G3rq6F1oYwQ5EtrczvAiiQawtHYXnQ_a3Rsbl-wB3TqTapzWpgkTXlCLwRhr2tJzdil94jbBVAZmqEqY9O5yeF4FEjjPoLgEqrVH4J1nx8jKPpTA7vthNiTkANmwdy2-9hs7nX7pZwLO2Mmw-KtN9J2DNLHe15jZKBt2rFKKPmRc-9jCAD_2dRiZPLnjtQKVws4cRwGX-bz7Bvy4lqx9_PaYRWwjBEbS2DccG8KFhvQzRpPz4tVvsldPiQbpBHrMvxdY27S-BDQL_nuldkJ1_TQ61LKtullWOkeA2v29iRDEQ-CNbQKl-MdiOmPbeRdqRRD1Zh1QhNPurlGx1mGmIg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8Pp9OtVXZe3XC9P47gO0uaW4BMme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBIECT9A2RUJJvuI63WY4f2E1-sRQ51Rli6uMaYr4g3UD69_eh1btdEABT65kJtuoxm8maIlAasMUfBEfMJ4iE-MnVZOeP0VH7jdyCFatK3ErS52dHc3Po0Qc-TEphfa2xdXei_SC1O3yyc1ThsxZm5_Zxn4dylV7bMfl4wgR0OlBZJ0xewueM85692MVOWW8uSP74xbNHrFxy9Dsy5tVFxc07AmkZiHODjR-5aN4uoCvDY8XrTrWLSSF7L3tzoE0X_CSDm_Yq5DyVWCuPkQrq1hASpvGQHsqLVsuNFhzQGiQBtdy_FfspojAvz9X-mbcT-v11nNKwYPI93q0YzNxG6Le6QfgBAGABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk6PayvfLggP6CwIIAYAMAeINEwjY7trK98uCAxVTvHsKHbRcCUfQFQGAFwE%26num%3D1%26sig%3DAOD64_0Wm_voKbfCCZwR3HzoU6LakXIqcA%26client%3Dca-pub-1712420989769758%26adurl%3D
Frame ID: 829DC0DA1821B45918BDF69B5F0ED621
Requests: 35 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84ED23404E30A51203A2D228592B24D1
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVfVOgAC6-4Ke7xTAAlctCqmk-eQyxmqMmgnug&u=%7CM4oPt2nQRDwBrEhK7DEBCgJlfetoHb4xUeoib3%2Bw%2FzI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1H2d8JJFfC7T9me-4wJNNusvUNPP9daZQXaZ7kwzz8hDu9ber1QMpN4Yishz-5XfnV7o-pzCL4grgCo6uw6rHIc9BYzFrXTbk74xHfAGXAheWFr8vBoMQIPeACwnIQavGBmkj3i9iCQdA1dM-RxH3I9kNC5RiYAFcomZ0UiWA5ilTOXmLBpGl1xF4ARJmSV6eFOfNXYBEcVJWU7zrfV1gdT4fiJfvTeKtaup1J1o1Te7osL2W0EgQtc8oYqM-7gCAWBvfjpNCg7uJxizOXpV-07FW52hRSB8BEo1oK8AFa32qAQunGxRHX1NB--6l77sDdfwf_ClC0FnGJRgazv6MizFtqnSc39QPHH0Ylkq_QER26hefHaeWD_fcfVEQ3iqkfOnwwDJELTaSlHG7VZdfOWGfliUZEzhy5YuPZoN6O_xG6LvtnnkQVip-YP29Wi0XTrHXmKQe1o9q9OJEjnSEPAyV0N-n7ygy4Py2rm3L88NehqXKk3-SCiv8MWgClz0BApADB4uOSsL2cXj5Ip5q6NSVvyT0luSIIoXXSq0k1gCd9yJkpRIq7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0qmOtVXZe7XC9P47gO0uaW4BMme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBPgBT9DkE2HjsarHEyFLy4pk_EvgA8QztkZho5a8FBjCRb20xra36bTmJAmtKzHdrHOR-wgfMA_-DEXuLc0o2MZfT8KiJtuNJJNNfybxp4b_5iw5nIXKu6qcsFaJ78n6oLeJpaGe6UUXTbV9Ik7zfbJPDLiO58TRnogPidDd-sl9XiUHZML-xSQt8_4InW895IKXJG9TWv9Z2Xe9JlPuu7yQ-99xpXj-Dy5t8gt4tY8z8P1Y3wk79fUlVoigGlpc_n9OvVlqQLC1tFrGcMQ5GmNfIzBFJl5P1eHpf7xfCsy_8LRqoFXtFWJJ789gMRZlnyBbCJSka9dUMaXgBAGABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk6PayvfLggP6CwIIAYAMAeINEwjZ7trK98uCAxVTvHsKHbRcCUfQFQGAFwE%26num%3D1%26sig%3DAOD64_25paL4l2cN8k5z1enl1Swr9vKdNA%26client%3Dca-pub-1712420989769758%26adurl%3D
Frame ID: 690411721B6D231BA1CB2F5B1833A1CE
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CCDAAE9DFE0E662AD046DDC5549C835A
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gpgh5xk4eqwne1hg0k219rzr0avmfj1r3qf16c025dx9e12nta1k0z8aamfbpgznvbdmd39vdmm27x0mgqwbcy8zgyqx7yytxwb2nwkw1aqbtgphv03b391re7ykvecz1yt4fbmc58k4bzm98hcv2rybbn1sht6jfbz65vsdy21666wf6hwzqxqrmdqfh3jjn7vs819fs3yvxsb5z1htegah6eem8s48f6af5gg96czn96g9fds6kv96h5bbkwdg3sqy1dehpyw53m4j6gjwpx8kph2jpss3ma00t7n72rzten1df503tthf0trpgpskx85bgxcsa64hc54je7x187ym93f6e5yfhwm1pvcq3yabx7ndd5by8bdg7qahg2t0yfsx020kq4cgjs9gw8qn8fy5ya1xcmv8qb9hw727v55srdbr6c12&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%26client%3Dca-pub-1712420989769758%26adurl%3D
Frame ID: AB3283C2579EC877D05DE1A5E41114E7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F53868E6E57E4848416B365E57E1E8F1
Requests: 9 HTTP requests in this frame

Frame: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4596164B81F3EA56EB08F844E10FC15D
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3638633087173458953/index.html?ev=01_250
Frame ID: D0FFEBF8DF0B45DCBA6A7F7ABB1F3FFC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B806091D11AF562163D483D0C9A0800C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: C1FC204E540725FA3AE0DAC4E0C1C0E8
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 36672A89F76F2FAAEEB2CE43B728E598
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 231842FB538E7B1FFF294B353C5D88A6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BFF50AB5066026CA8362ECAB96DEF4AC
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A38DD2F29F8ECEB0CBF5D45C53DF077E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 22005C1AD0F8FA7095119BE9B1648B79
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: CAB3B430458C9BF27CE10A0883909963
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0
Frame ID: 6D4D5E5177B0D7352B4F5D77CD07EEC4
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BCE965BEAC17F0A76AFBB6CBF90D2158
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9DE76369E21380FE4A752E789237EE4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5148E3A00CAB70488F5E27D62E75C6AE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 21CE77F7C71C84D64F5C6BC2E25C3968
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Baixaki - Milhares de apps e jogos para você

Page URL History Show full URLs

http://www.baixaki.com.br/ HTTP 301
https://www.baixaki.com.br/ Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

449
Requests

94 %
HTTPS

52 %
IPv6

56
Domains

88
Subdomains

65
IPs

8
Countries

5267 kB
Transfer

13573 kB
Size

52
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tecmundo.com.br/videos
Title: TecMundo Videos

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/comparador
Title: Comparador TecMundo

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/teste-de-velocidade.htm
Title: Teste de velocidade

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/cupons
Title: Cupons de desconto

Search URL Search Domain Scan URL

URL: https://nzn.io/#contato
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/

Search URL Search Domain Scan URL

URL: https://www.clickjogos.com.br/

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/blackfriday/hub/?utm_source=bxk&utm_medium=bf23
Title: Na TecFriday você encontra as ofertas mais incríveis em tecnologia.

Search URL Search Domain Scan URL

URL: https://disneyplus.bn5x.net/rQBAev
Title: Disney Plus - Assine a versão anual do Disney Plus e pague o valor referente a 9 meses!

Search URL Search Domain Scan URL

URL: https://amzn.to/40rQs4P
Title: Kindle Unlimited - Teste Kindle Unlimited grátis por 30 dias e tenha acesso a mais de um milhão de ebooks diferentes!

Search URL Search Domain Scan URL

URL: https://net.geo.opera.com/opera/stable/windows?utm_source=nzn&utm_medium=pb&utm_campaign=baixaki
Title: Navegador Opera - Navegação rápida e sem distrações com o bloqueador de anúncios

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/ciencia/273938-tempo-dura-dia-terra-estudo-revela-flutuacoes-precisao.htm
Title: TecmundoQuanto tempo dura um dia na Terra? Estudo revela flutuações com precisão

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/273914-mortal-kombat-1-recebe-nova-arma-letal-soltar-pum-veja-video.htm
Title: VoxelMortal Kombat 1 recebe nova arma letal: soltar pum! Veja vídeo

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/260423-netflix-veja-series-canceladas-2023.htm
Title: Minha SérieNetflix: veja lista com todas as séries canceladas em 2023

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/blackfriday/hub/
Title: Black Friday 2023

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/seguranca/avast-ciberseguranca/?utm_source=tecmundo&utm_medium=cta-canais-exclusivos&utm_campaign=avast-ciberseguranca
Title: Avast Cibersegurança

Search URL Search Domain Scan URL

URL: https://nzn.io/
Title: Sobre

Search URL Search Domain Scan URL

URL: https://nzn.gupy.io/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://nzn.io/termos-de-privacidade/
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://nzn.io/exclusao-dados/
Title: Solicitação de Exclusão de Dados

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie
Title: Minha Série

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/the-brief
Title: The Brief

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel
Title: Voxel

Search URL Search Domain Scan URL

URL: https://goadopt.io/en/porque-aviso/?source=firstLevel
Title: AdOpt

Search URL Search Domain Scan URL

URL: https://nzn.io/termos-de-privacidade
Title: Datenschutz-Bestimmungen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.baixaki.com.br/ HTTP 301
https://www.baixaki.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 180

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1526752/72603760/dcm/dcmads.js?bundleId=www.tecmundo.com.br&ias_dspID=9&ias_campId=bnzq4wb&ias_pubId=pub-1712420989769758&ias_chanId=google&ias_placementId=tcvdzeq&bidurl=www.tecmundo.com.br%2fcomparador&ias_dealId=&adsafe_par&ias_impId=v4~~eadc7262-7069-42d2-af44-bcd598bcd833&adsafe_url=https%3A%2F%2Fwww.baixaki.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.tecmundo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:cfc022dc-bbb4-1d21-a6d2-8345d01df9e1,c:ugtumc,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-6z6wl,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:tVU4QON+111%7C1121%7C113*.1526752-72603760%7C12%7C13%7C14%7C15,idMap:113*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:d0fc38b6-858c-11ee-bfdf-da6811c17afb,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js?bundleId=www.tecmundo.com.br

Request Chain 192

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 204

https://securepubads.g.doubleclick.net/pagead/adview?ai=CRWM1OtVXZevXC9P47gO0uaW4BL2Npq9vj86vrL8OrayDrcwFEAEgwqbWG2CVsqmCsAegAbC6odcDyAEJqQIAdxmc1ESyPuACAKgDAcgDywSqBIUCT9Bw2YxQQyoCw37bly6z87aoH7mETRz2kUM2ikcWFWXRZLLk4eD4et1SIXgS3PpJp7b70b2Vm7RGyLgO9SvKUc7Hmq3IDRIe2qMYA7Mg-sVWhCkm7h9rf_tPnn5hJDgkV_Hc3SKXF19FT8R9fnW75mnHrqvCx0U9Rz4YAZw5OtRS5KcV_HVopMMR7d4S_UqDWpUc1NrxaIHRREj7WXzWQdm4SG_pxOpqV-qpA3RAdrfJ5sQKsRYJD0QvBhMucS5sY2YRapnm-6LQbacybfzVwMD5hoqvvxtu32LCjNcyhGTb5CwwzUX0plO_DUdYfritbP4RKfKVkB_LknO3CSAVgRn4cYeBwASZnqmq4APgBAGIBfjE1Og2kgUECAQYAZIFBAgFGASgBi6AB8X3rT6oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQiJ0G0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliTo9rK98uCA5oJPGh0dHBzOi8vd3d3LmtheWFrLmRlL3NlbWkvZ2RudGV4dC9mbGlnaHRfZ2VuZXJhbC9hbnkvZGUuaHRtbIAKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI1u7ayvfLggMVU7x7Ch20XAlH2BMMiBQC0BUBgBcBshceChwIABIUcHViLTcwMTkwOTEwOTQ4OTYyNjAY0sAW&sigh=s1r_fWXdFKc&uach_m=[UACH]&ase=2&cid=CAQSOwDICaaNlgTI2xS0d556OoIP1qgsnDKotuzH5Sw5A4dB14H8Py1HsRElFVpA-9namtrggy1SDuOZ7mvbGAE&template_id=494&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225952855305177679%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214631453557654319985%22}&andc=true

Request Chain 213

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 264

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBLYZZJw1U3SyW1c7W5_rRk&google_cver=1&google_push=AXcoOmQhlXZqzlS8cFTDc_cjwJK5DQnxabR6RKxLsvGzXEfsEdxD7O0OeXTw71UU5SzuZyyeh8zXM2MznGh3sJEixhMtIrOzyI2b&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQhlXZqzlS8cFTDc_cjwJK5DQnxabR6RKxLsvGzXEfsEdxD7O0OeXTw71UU5SzuZyyeh8zXM2MznGh3sJEixhMtIrOzyI2b%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLYZZJw1U3SyW1c7W5_rRk&google_cver=1&google_push=AXcoOmQhlXZqzlS8cFTDc_cjwJK5DQnxabR6RKxLsvGzXEfsEdxD7O0OeXTw71UU5SzuZyyeh8zXM2MznGh3sJEixhMtIrOzyI2b&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQhlXZqzlS8cFTDc_cjwJK5DQnxabR6RKxLsvGzXEfsEdxD7O0OeXTw71UU5SzuZyyeh8zXM2MznGh3sJEixhMtIrOzyI2b%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 265

https://um.simpli.fi/gp_match?google_gid=CAESEG1Z6KWLC_FLlykk2nrAR30&google_cver=1&google_push=AXcoOmRyNKGdJPpS4hnaQL81ljnBEMgTR-l9_qbP_buzXlNERNIYi8Wdb2YLPILxYKobBJ-pHwFttM5UoVHgMdj_jx9WE-Yi1f0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34EC05656B0D485CBCF49A4ACF2D99CF&google_push=AXcoOmRyNKGdJPpS4hnaQL81ljnBEMgTR-l9_qbP_buzXlNERNIYi8Wdb2YLPILxYKobBJ-pHwFttM5UoVHgMdj_jx9WE-Yi1f0

Request Chain 266

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN4DWPTsg2EVOOpC8LbRfco&google_cver=1&google_push=AXcoOmSNeZqOOpgUV3KafQ5sOrL74UZMmXDt9-zxcUiny2uD_tydH8hqpCURZFtdnVaf2qghtZteiBeF8UBIV-2xzyRjZ6lufTKC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmSNeZqOOpgUV3KafQ5sOrL74UZMmXDt9-zxcUiny2uD_tydH8hqpCURZFtdnVaf2qghtZteiBeF8UBIV-2xzyRjZ6lufTKC

Request Chain 295

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEELPEHEAfvmYcNasTM3bhqc&google_cver=1&google_push=AXcoOmQfP8dhD96dgq1gYUmTg09f0BXhXZPw2WLB2VXfdEVmQa6PfG6mP86p5uJZbCQY_xVgvkdXpqyFT1zOPWGyiYeKFlNwlZXzcA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUxOTUzODgwMDk2MjQ5OTU5Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB9jZeKKOSpzj-DaiWedPQU&google_cver=1

Request Chain 297

https://um.simpli.fi/gp_match?google_gid=CAESEG1Z6KWLC_FLlykk2nrAR30&google_cver=1&google_push=AXcoOmSXroSIiFj3YqL4Vj72n-We-eCuc_UZYjEZSRFUxFG_Rx88U7NClTQV9Euu3_y0a9QqZwErOoHrbpefwRgtayaLyL33HtQeaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34EC05656B0D485CBCF49A4ACF2D99CF&google_push=AXcoOmSXroSIiFj3YqL4Vj72n-We-eCuc_UZYjEZSRFUxFG_Rx88U7NClTQV9Euu3_y0a9QqZwErOoHrbpefwRgtayaLyL33HtQeaA

Request Chain 298

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN4DWPTsg2EVOOpC8LbRfco&google_cver=1&google_push=AXcoOmTOaz5-Y40UEx7GXFLcCOQWO11itYFqFJ3DyUrnPZbDdI8kbytT9-tZQpg9O8P2ukvclUPPkH63I0wn403VRB6w4FOAytKOfQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmTOaz5-Y40UEx7GXFLcCOQWO11itYFqFJ3DyUrnPZbDdI8kbytT9-tZQpg9O8P2ukvclUPPkH63I0wn403VRB6w4FOAytKOfQ

Request Chain 300

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEElsPnrp_4oWxVJseEo9gJs&google_cver=1&google_push=AXcoOmQNZRB46gmqxMCyQhQ5OvkJZX2aGZtLBvULv17uJIOlIRLhPVDOVggHn-SitT9YrxUb_M5DOUdNR-LYmTiE29xiPQEQgWnA5w HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEElsPnrp_4oWxVJseEo9gJs&google_push=AXcoOmQNZRB46gmqxMCyQhQ5OvkJZX2aGZtLBvULv17uJIOlIRLhPVDOVggHn-SitT9YrxUb_M5DOUdNR-LYmTiE29xiPQEQgWnA5w&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEElsPnrp_4oWxVJseEo9gJs&google_hm=ZVfVO3IFLNabKqLTmo5JVwAABHYAAAAB&google_nid=index&google_push=AXcoOmQNZRB46gmqxMCyQhQ5OvkJZX2aGZtLBvULv17uJIOlIRLhPVDOVggHn-SitT9YrxUb_M5DOUdNR-LYmTiE29xiPQEQgWnA5w

Request Chain 301

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPOCzxrAyPJ0G57cqV8ZliU&google_cver=1&google_push=AXcoOmRng-Hx0oEtKAbgG4wZLfL_GDtCTKyD29ZykXR-jvOvsX1wbXrNiEVegfk4LJmbOSh5jU4zV_A3Sv2gkkwySablpJ8qkwiFJco HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRng-Hx0oEtKAbgG4wZLfL_GDtCTKyD29ZykXR-jvOvsX1wbXrNiEVegfk4LJmbOSh5jU4zV_A3Sv2gkkwySablpJ8qkwiFJco HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 305

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEP5O9x_bZx4nLa-awoFW4kU&google_cver=1&google_push=AXcoOmTGeRIxIulk7us9atF0iZHXD1H1TLhk5La20YwqhcZQD0qpZTVg3FbeiQCs24Fr0fgVQdOkY46DOScz8t5sG1WRVSEEzjdAjQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTGeRIxIulk7us9atF0iZHXD1H1TLhk5La20YwqhcZQD0qpZTVg3FbeiQCs24Fr0fgVQdOkY46DOScz8t5sG1WRVSEEzjdAjQ&google_hm=MRBxwauLTgayqmIz3Aaa42g

Request Chain 308

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEL8tYrlvUS5HgCmUN99diMc&google_cver=1&google_push=AXcoOmQBxPNwRWu8XOkYsS1TGBrRXFz8UXvmh2RHhAEwdT1vumJacTO1sR4y0wbvxWMRfZpm3R8T5Y5Hg1-S43xS6OJK0iJ34uGdtw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQBxPNwRWu8XOkYsS1TGBrRXFz8UXvmh2RHhAEwdT1vumJacTO1sR4y0wbvxWMRfZpm3R8T5Y5Hg1-S43xS6OJK0iJ34uGdtw HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 309

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEGaQWqpLoeOtJaAqx8rhP_c&google_cver=1&google_push=AXcoOmRGojI2wJyzS2h0ngjkFMYJzuZaxjRKrmxNHo7hLHy59Lbw21j4m217EYX3TchXL0ATNpy08822kverskGw_Qa1gGSCrlXDyDk HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=12a94e97-1723-47dc-864d-34bf47b6d412&google_cver=1&google_gid=CAESEGaQWqpLoeOtJaAqx8rhP_c&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRGojI2wJyzS2h0ngjkFMYJzuZaxjRKrmxNHo7hLHy59Lbw21j4m217EYX3TchXL0ATNpy08822kverskGw_Qa1gGSCrlXDyDk&gdpr=${GDPR}

Request Chain 311

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN4DWPTsg2EVOOpC8LbRfco&google_cver=1&google_push=AXcoOmTDBq8oHlsEABGJRqF9j9uZr4dq4XCwSZBownGj_arJ2ajbIRe9YPaj9ZKlQJkNcoU4eY6rbFOHwSB63n-fyOKQwg6agXE8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmTDBq8oHlsEABGJRqF9j9uZr4dq4XCwSZBownGj_arJ2ajbIRe9YPaj9ZKlQJkNcoU4eY6rbFOHwSB63n-fyOKQwg6agXE8

Request Chain 313

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL87tMRAEcRxVKQOoAd8sMU&google_cver=1&google_push=AXcoOmTTEAz-nEKiNM-Pvc-88lpAwyHWUAka59nw7lqleQLaNXbFflAm4ORju3gFk6_Rvs_N7Zng3AmlqyZ99HE5HeI8MXe9nw6wbg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL87tMRAEcRxVKQOoAd8sMU&google_cver=1&google_push=AXcoOmTTEAz-nEKiNM-Pvc-88lpAwyHWUAka59nw7lqleQLaNXbFflAm4ORju3gFk6_Rvs_N7Zng3AmlqyZ99HE5HeI8MXe9nw6wbg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTTEAz-nEKiNM-Pvc-88lpAwyHWUAka59nw7lqleQLaNXbFflAm4ORju3gFk6_Rvs_N7Zng3AmlqyZ99HE5HeI8MXe9nw6wbg&google_hm=HrFvrGZHIS-_ASPXQaWYzBNn

Request Chain 314

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPOCzxrAyPJ0G57cqV8ZliU&google_cver=1&google_push=AXcoOmSYDCGkS3e86V_mNGLVrdRuqLGdxjjz8F9PehoqN5tnQyxSXWcTFSWdcjrc6oqJfihJtvIla50JU8Zeo6ZlxYDLIXxVaCik HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSYDCGkS3e86V_mNGLVrdRuqLGdxjjz8F9PehoqN5tnQyxSXWcTFSWdcjrc6oqJfihJtvIla50JU8Zeo6ZlxYDLIXxVaCik

Request Chain 315

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN4gVxsWtK7qq5cUhcELajU&google_cver=1&google_push=AXcoOmTNf_vEHHW8MTB1jPn_1UDqD9leTrPnls0Fb3gkKHSZt7uiGA8JoR4jn77YhwGA5Ov57uUpSuy9cVbZqDL-SPUs8tsgGslLhg HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTNf_vEHHW8MTB1jPn_1UDqD9leTrPnls0Fb3gkKHSZt7uiGA8JoR4jn77YhwGA5Ov57uUpSuy9cVbZqDL-SPUs8tsgGslLhg&google_gid=CAESEN4gVxsWtK7qq5cUhcELajU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkxOTAyNDY0MTg1NDUwMDU3MzQ3OA%3D%3D&google_push=AXcoOmTNf_vEHHW8MTB1jPn_1UDqD9leTrPnls0Fb3gkKHSZt7uiGA8JoR4jn77YhwGA5Ov57uUpSuy9cVbZqDL-SPUs8tsgGslLhg

Request Chain 317

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEIByB_9rEQH-kZCiDF_NLWk&google_cver=1&google_push=AXcoOmTRjZyvfbD3acNqxiW_xJYKAvyJKuOrclvAYAH_OuNff-C2R8xQ36yXkG9Svgk8tevEue7TCxJZMEaHGPZLeTrZXePwIY447g HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEIByB_9rEQH-kZCiDF_NLWk%26google_cver%3D1%26google_push%3DAXcoOmTRjZyvfbD3acNqxiW_xJYKAvyJKuOrclvAYAH_OuNff-C2R8xQ36yXkG9Svgk8tevEue7TCxJZMEaHGPZLeTrZXePwIY447g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA4NDI5NzE5MDYwODIyNDgzMw%3D%3D&google_gid=CAESEIByB_9rEQH-kZCiDF_NLWk&google_cver=1&google_push=AXcoOmTRjZyvfbD3acNqxiW_xJYKAvyJKuOrclvAYAH_OuNff-C2R8xQ36yXkG9Svgk8tevEue7TCxJZMEaHGPZLeTrZXePwIY447g

Request Chain 401

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOFoRvSZeXE0ghvMR7GzXjo&google_cver=1&google_push=AXcoOmQl7g1FsLSJHIziP_1uj8ReqJ95YNhOsildRnoj05tibuh5NH2fdW1MB0W_4Z4FPDMJSIzXx7Vqe6cPBEkw3satol6GFoU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUxOTUzODgwMDk2MjQ5OTU5Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB9jZeKKOSpzj-DaiWedPQU&google_cver=1

Request Chain 402

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELR0yWyEhdatFxfZhYPrxYQ&google_cver=1&google_push=AXcoOmQYFCn9FdFlUXZde2QdnA2SGSvv79xgYRWa-SUcXCFh8kMlc6n07qXK6MIEUU8popBvpfNPy4nlijCKQakK5gVOFpV5_VIT HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELR0yWyEhdatFxfZhYPrxYQ&google_cver=1&google_push=AXcoOmQYFCn9FdFlUXZde2QdnA2SGSvv79xgYRWa-SUcXCFh8kMlc6n07qXK6MIEUU8popBvpfNPy4nlijCKQakK5gVOFpV5_VIT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MTVoR05mMmUxUjQ2MGs1&google_gid=CAESELR0yWyEhdatFxfZhYPrxYQ&google_cver=1&google_push=AXcoOmQYFCn9FdFlUXZde2QdnA2SGSvv79xgYRWa-SUcXCFh8kMlc6n07qXK6MIEUU8popBvpfNPy4nlijCKQakK5gVOFpV5_VIT

Request Chain 404

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAgb-gLFreM3IlT8u6MlOxs&google_cver=1&google_push=AXcoOmRyMeIU0LHGS1wZ2HyxHFbkyts84Hno_Yi1htpv-4QU4gXtcBNliaO-skoQGTyKt15oXODtAi1FLAsrr4VvuWcQ4xr2vsPV HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VzaV8-hUSQEVeve4Imc4-A&google_push=AXcoOmRyMeIU0LHGS1wZ2HyxHFbkyts84Hno_Yi1htpv-4QU4gXtcBNliaO-skoQGTyKt15oXODtAi1FLAsrr4VvuWcQ4xr2vsPV

Request Chain 405

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELHi9MTIwn2IfsXbwKk4Iz8&google_cver=1&google_push=AXcoOmSj7QFRrfkuJYwfP6jC3rqu2axwMh6xZIQC5no_ZqKc4ZJoZJQyRJU3f-1FarljPPn7rDqbuBJt68TChQFISLkI0nM-fBOh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSj7QFRrfkuJYwfP6jC3rqu2axwMh6xZIQC5no_ZqKc4ZJoZJQyRJU3f-1FarljPPn7rDqbuBJt68TChQFISLkI0nM-fBOh&google_hm=eS1FRmFPTllCRTJwR2RkRm5KOGwwY3JKYWExNUVZcUouUn5B

Request Chain 410

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 419

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C4A04B2C938E401EBFFA20C3FBA3FEF7&RedC=c.clarity.ms&MXFR=1DC42CC8510262A9133D3F0455026C82 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4A04B2C938E401EBFFA20C3FBA3FEF7&MUID=3D09EC861E7C62923095FF4A1FF763C9

Request Chain 435

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CK-l8sv3y4IDFcuS_QcdXJULIQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023111722035690618131523X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023111722035690618131523X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

449 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.baixaki.com.br/
Redirect Chain

http://www.baixaki.com.br/
https://www.baixaki.com.br/

203 KB
31 KB

266ms
184ms

Document
text/html

179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

/ Next.js

Resource Hash

8e9f4df0f7d0bbb8361f39c090fd4438739ab2b83b3aa87a154834a98c63ffff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 21:03:50 GMT
expires: Fri, 17 Nov 2023 21:08:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
version: 3.0.4
x-nextjs-cache: HIT
x-powered-by: Next.js

Redirect headers

Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 17 Nov 2023 21:03:49 GMT
Expires: Fri, 17 Nov 2023 21:08:49 GMT
Location: https://www.baixaki.com.br/
Server: azion webserver

GET
H2 200 27152529195012.png
bk.ibxk.com.br/2023/10/27/ 10 KB
10 KB 2232ms
1409ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/10/27/27152529195012.png?ims=400x300
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1d8198ecb56a757c0e632f50685fc63d575c4a6409685798652989a46f055c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 28296
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 9896
expires: Sat, 28 Oct 2023 18:27:51 GMT

GET
H2 200 f9bc0d62fd0adc4a.css
www.baixaki.com.br/_next/static/css/ 14 KB
3 KB 133ms
132ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/f9bc0d62fd0adc4a.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

8a657fe831072589b2cbb415c5f52c937c97927190f63cab58bff2f6b6aadb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:50 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 09 Nov 2023 18:59:19 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:50 GMT

GET
H2 200 9a1e30072b12ed16.css
www.baixaki.com.br/_next/static/css/ 12 KB
4 KB 264ms
264ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/9a1e30072b12ed16.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

f1e0fee79d0e7f71cd351a14cc1fa636c96cab2b528b0f063a2f019f33afb0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:50 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 09 Nov 2023 18:59:19 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:50 GMT

GET
H2 200 c99e2bd6d429f7bb.css
www.baixaki.com.br/_next/static/css/ 124 B
386 B 347ms
347ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/c99e2bd6d429f7bb.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

b0533929c94679e1764e59854df5b4c35f25e12f2441858f1387a13c80c13303

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 12:45:33 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:50 GMT

GET
H2 200 2c2dfa59234d7097.css
www.baixaki.com.br/_next/static/css/ 1 KB
643 B 426ms
426ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/2c2dfa59234d7097.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

f5904bd549353572027cc444a4a12473c04717561b0a3bbe70f09bb26331227f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:50 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 09 Nov 2023 18:59:19 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:50 GMT

GET
H2 200 5360.ba2cdf142814fdf0.js Show response
www.baixaki.com.br/_next/static/chunks/ 8 KB
3 KB 550ms
546ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/5360.ba2cdf142814fdf0.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

c9eff84f192229df9e7d510b1d8d7111ec0a39287a68ad6391c565110fb3a8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:50 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 14:10:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:50 GMT

GET
H2 200 5192.1995a323f46bc42a.js Show response
www.baixaki.com.br/_next/static/chunks/ 6 KB
2 KB 620ms
616ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/5192.1995a323f46bc42a.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

cdd1c789e974fbfc4ca7d8545db65e1149e2154c1aa78398598f2d4fb16ae02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:50 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 09 Nov 2023 18:59:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:50 GMT

GET
H2 200 5667.ff0c60e8e0e46189.js Show response
www.baixaki.com.br/_next/static/chunks/ 378 B
538 B 743ms
739ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/5667.ff0c60e8e0e46189.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

e5d9b42644509e0035e0fc807ddef46ef15a3da90d12c8ebf93461123384570d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 12:45:33 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:50 GMT

GET
H2 200 9370.a198f17fc359d2ab.js Show response
www.baixaki.com.br/_next/static/chunks/ 81 KB
28 KB 830ms
826ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/9370.a198f17fc359d2ab.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

f805dd01878296d8d30d229360f2d27db297cc3dc9c66735962843e7786159f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:51 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 14:10:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:51 GMT

GET
H2 200 6165.e4e0e706e2fdff0e.js Show response
www.baixaki.com.br/_next/static/chunks/ 13 KB
5 KB 904ms
900ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/6165.e4e0e706e2fdff0e.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

a4aa692f7c38464f7803ed2ce5c80b48c94bfaa369448780cec6a21a8694663e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:51 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 09 Nov 2023 18:59:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:51 GMT

GET
H2 200 1733.f561ad338f887001.js Show response
www.baixaki.com.br/_next/static/chunks/ 3 KB
2 KB 1035ms
1032ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/1733.f561ad338f887001.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

eabd3e9e62dea0c3e2c7540f976cdf699a5ceb9e1592d41d29288666b804edde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:51 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 09 Nov 2023 18:59:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:51 GMT

GET
H2 200 4321.a85b233abcd80b48.js Show response
www.baixaki.com.br/_next/static/chunks/ 977 B
776 B 1119ms
1116ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/4321.a85b233abcd80b48.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

5e1f9788804e56603b28fd1c5f6d7921742d055c9d6410e70cc968ae26869b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 09 Nov 2023 18:59:19 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:51 GMT

GET
H2 200 7977.48481e262407791c.js Show response
www.baixaki.com.br/_next/static/chunks/ 31 KB
8 KB 1201ms
1198ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/7977.48481e262407791c.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

fa001b35724882aa2decade92d44cfd39bd90da9018a0b9a984f4e710a8fc40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:51 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 31 Oct 2023 12:45:33 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:51 GMT

GET
H2 200 7210.d429157401b8f9fe.js Show response
www.baixaki.com.br/_next/static/chunks/ 5 KB
2 KB 1333ms
1330ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/7210.d429157401b8f9fe.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

a3e09d1bb70875f7caff071153acb9ed39a65d1bddd906826658895b5fc5f660

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:51 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Nov 2023 16:31:36 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:51 GMT

GET
H2 200 webpack-75917d9e8701d813.js Show response
www.baixaki.com.br/_next/static/chunks/ 6 KB
3 KB 1404ms
1401ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/webpack-75917d9e8701d813.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

e470ce9d3528e853537125739960327ef964b2a5a397080630a12a8a8cd7f573

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:51 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Nov 2023 18:37:53 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:51 GMT

GET
H2 200 main-bc4332a6d061cb1e.js Show response
www.baixaki.com.br/_next/static/chunks/ 130 KB
40 KB 1531ms
1529ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/main-bc4332a6d061cb1e.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

eb26702f8f6453f01431da6b65c2b0e2a9851bd365bd1591ee8fec1e1d30fea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:51 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 14:10:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:51 GMT

GET
H2 200 _app-40c7488e5a55c1cd.js Show response
www.baixaki.com.br/_next/static/chunks/pages/ 240 KB
76 KB 1617ms
1615ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/pages/_app-40c7488e5a55c1cd.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

0e3124c571d42b81a3f179b9d9ebac0adeb9b8ed0034fd8b3d027d223c8642f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:51 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Nov 2023 16:31:36 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:51 GMT

GET
H2 200 7899-8ff7a6b4611fdbc1.js Show response
www.baixaki.com.br/_next/static/chunks/ 8 KB
4 KB 1696ms
1693ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/7899-8ff7a6b4611fdbc1.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

053dc0b1a4cf06c65e6447715a0848e39197b11039e6d98246df3d25ff5f5e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:51 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 09 Nov 2023 18:59:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:51 GMT

GET
H2 200 177-89dcbb9480015c7b.js Show response
www.baixaki.com.br/_next/static/chunks/ 182 KB
51 KB 1823ms
1821ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/177-89dcbb9480015c7b.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

157b0c2526e0f70d90786061cdc99fe46708e08e02740a4fcf996474c3a45954

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:52 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 09 Nov 2023 18:59:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:52 GMT

GET
H2 200 index-49b598cafc681950.js Show response
www.baixaki.com.br/_next/static/chunks/pages/ 23 KB
6 KB 1903ms
1901ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/pages/index-49b598cafc681950.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

9f1e2010ffc7b59273c6fa68a929b5317e41caaaa25809ee021f0b11eed7cd43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:52 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Nov 2023 16:31:36 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:52 GMT

GET
H2 200 _buildManifest.js Show response
www.baixaki.com.br/_next/static/SQN5ITw4vfsqGsBBERFgE/ 3 KB
1 KB 2025ms
2024ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/SQN5ITw4vfsqGsBBERFgE/_buildManifest.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

6afc65cd1dbf5d6450360c53dde94ae10d31b8c1dbd630a94f01e461c52b1320

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:52 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Nov 2023 18:37:53 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:52 GMT

GET
H2 200 _ssgManifest.js Show response
www.baixaki.com.br/_next/static/SQN5ITw4vfsqGsBBERFgE/ 374 B
453 B 2114ms
2113ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/SQN5ITw4vfsqGsBBERFgE/_ssgManifest.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

b8fb8c87ad9bb7aa9d223693f8c0d1d3d671f6471cb0fb71c11247653217abfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 14 Nov 2023 18:38:55 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:52 GMT

GET
H2 200 17180102227005.png
bk.ibxk.com.br/2023/02/17/ 1 KB
1 KB 2211ms
1409ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102227005.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 6a61e2152bb0f50b52ed1d49a51f9095edcb2c8a11bc0ba5bc73516a0f3d0612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 690
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1266
expires: Tue, 12 Sep 2023 11:34:22 GMT

GET
H2 200 17180102242009.png
bk.ibxk.com.br/2023/02/17/ 962 B
1 KB 2211ms
1410ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102242009.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 383c0ebf36d7f49984d2e8e5772c7c987126b636e7f888010d1cac9d8c4d07cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 760
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 962
expires: Wed, 06 Sep 2023 19:42:32 GMT

GET
H2 200 17180102242008.png
bk.ibxk.com.br/2023/02/17/ 784 B
932 B 2212ms
1410ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102242008.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ba3c2c7f509173ab6a5052f8f2ce9fed59da307a1e1c3a3e0a29b5e3012b5d70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 777
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 784
expires: Wed, 06 Sep 2023 19:50:38 GMT

GET
H2 200 17180102227007.png
bk.ibxk.com.br/2023/02/17/ 908 B
1 KB 2212ms
1410ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102227007.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 75db0d81ecaef7357e8399d89b5274a42f5f2b8827c5141c68a15413c4cd6177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 665
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 908
expires: Tue, 12 Sep 2023 11:34:23 GMT

GET
H2 200 08111936759001.png
bk.ibxk.com.br/2023/11/08/ 2 KB
2 KB 2212ms
1411ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/08/08111936759001.png?ims=fit-in/120x33
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3c9a00c2cd0e54ba2ea5898897ab0a23d1549653889faee464b1da81e70d853f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 1087
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1662
expires: Thu, 09 Nov 2023 14:26:04 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4e474f1050d67e8203653858209ae1a670c9e13a343acfeab863111ccb4b165

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 153 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79ed2e084714116ec490bae4fda28bab0a0c793c9f76bd3ca7261b69ffd27899

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 14194056736000.png
bk.ibxk.com.br/2023/06/14/ 13 KB
13 KB 1773ms
1408ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/06/14/14194056736000.png?id=sprite-tm
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/_next/static/css/f9bc0d62fd0adc4a.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0b5aa49b400f84b30a5cfb6ba1905f95c719db126e51bf83424b17c5b30eaf4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 8534
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 13130
expires: Thu, 09 Nov 2023 13:25:12 GMT

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed40095cbb8a9422dc1720990f3ac67cd3752f0bf432db9feca0288045849369

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaadcba60ae494e13ec2e8abc57dca8e614e86943782044fb387b7f91d9c3cce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 25164635239000.png
bk.ibxk.com.br/2023/09/25/ 2 KB
2 KB 196ms
196ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/09/25/25164635239000.png?ims=400x300
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 5c4d8c1d71cb3f06e376df4cb71bdcd950b29f9f84f7a6a7a278c220a480ccd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 954
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1602
expires: Fri, 06 Oct 2023 21:02:31 GMT

GET
H2 200 07175154326015.jpg
bk.ibxk.com.br/2023/08/07/ 1 KB
2 KB 1762ms
1406ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/07/07175154326015.jpg?ims=50x50
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0d199267e69e6bfa9bdbeb33ceadd2e54f323160457e09c7b0ccadc02645da59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 12736
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1398
expires: Wed, 06 Sep 2023 12:03:22 GMT

GET
H2 200 24134647326055.png
bk.ibxk.com.br/2023/08/24/ 3 KB
3 KB 1764ms
1408ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24134647326055.png?ims=50x50
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 481ac16a35740a6159c1b357029f5eada79ae03070c87d2fc232c4103612e525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 15326
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2650
expires: Tue, 12 Sep 2023 22:47:57 GMT

GET
H2 200 30134149355003.png
bk.ibxk.com.br/2023/08/30/ 872 B
1021 B 49ms
49ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/30/30134149355003.png?ims=50x50
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 60af737c59104af32ed30ce00483c81beaa95b9488f886d09994b2d88e22f760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 11520
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 872
expires: Tue, 12 Sep 2023 22:47:57 GMT

GET
H2 200 13095542946006.jpg
bk.ibxk.com.br/2018/09/13/ 2 KB
2 KB 50ms
49ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2018/09/13/13095542946006.jpg?ims=50x50
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3038c3fbf860a0c460ee0ad00e3f7f85c16403322972e5d8107ca72ff4607659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 24690
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2012
expires: Fri, 20 Oct 2023 14:50:29 GMT

GET
H2 200 15181617589156.jpg
bk.ibxk.com.br/2019/02/15/ 664 B
813 B 50ms
50ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2019/02/15/15181617589156.jpg?ims=50x50
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 443e354b86f086967e160ed266eff20cea7a1e0dce02fb789c48695a8c5da6e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 34869
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 664
expires: Fri, 20 Oct 2023 14:50:28 GMT

GET
H2 200 15134917932005.png
bk.ibxk.com.br/2023/08/15/ 2 KB
2 KB 1761ms
1406ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/15/15134917932005.png?ims=50x50
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: fc5e24bfc2b1d0ea7cf9983b92367e7b56354e70d1dd34f351aecc700d695e38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 42019
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1588
expires: Wed, 06 Sep 2023 12:03:22 GMT

GET
H2 200 24101828553011.png
bk.ibxk.com.br/2023/08/24/ 446 B
594 B 1763ms
1407ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24101828553011.png?ims=50x50
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: de18802894346c57fdea7cf687e7b422d33b6c07ddf0b19a958ffa5a064f0484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 6955
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 446
expires: Tue, 14 Nov 2023 00:00:41 GMT

GET
H2 200 24162007668152.jpg
bk.ibxk.com.br/2023/08/24/ 730 B
878 B 51ms
50ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24162007668152.jpg?ims=50x50
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4d23f3bae0ca00448172087bf2190cb832b476b82e741c5dd97a27c6374a4514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 3414
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 730
expires: Tue, 12 Sep 2023 22:47:37 GMT

GET
H2 200 31160449638126.png
bk.ibxk.com.br/2023/08/31/ 502 B
650 B 51ms
51ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/31/31160449638126.png?ims=50x50
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: fb96efc9b09625e10915122c15338c83e9c5213699b2a5408de6c30957587480

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 1934
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 502
expires: Tue, 14 Nov 2023 00:00:41 GMT

GET
H2 200 14195310960036.png
bk.ibxk.com.br/2023/08/14/ 748 B
897 B 52ms
51ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/14/14195310960036.png?ims=50x50
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 20dc2a6a39f55cfab55e8a9b3fee0cc77748ee2ddea57d7ff99bbc8c0ac84a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 13842
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 748
expires: Wed, 06 Sep 2023 12:03:22 GMT

GET
H2 200 06150025351006.png
bk.ibxk.com.br/2023/09/06/ 3 KB
3 KB 1761ms
1405ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/09/06/06150025351006.png?ims=75x75
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7505d7e03d267b06f1f1ce1ab2aa2eeb168acbd9994049a24b42d2016e4c2751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 10328
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3052
expires: Thu, 07 Sep 2023 18:01:38 GMT

GET
H2 200 24162007668152.jpg
bk.ibxk.com.br/2023/08/24/ 994 B
1 KB 1764ms
1408ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24162007668152.jpg?ims=75x75
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 9dbad73a13cd0f34233e0d0c731bd075bcc8a66dffb65769abd17a309977b4c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 3414
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 994
expires: Wed, 06 Sep 2023 18:26:40 GMT

GET
H2 200 15181617589156.jpg
bk.ibxk.com.br/2019/02/15/ 958 B
1 KB 1762ms
1407ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2019/02/15/15181617589156.jpg?ims=75x75
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ef69eca203e040c5282878fa6a9641e5244da268537cb4a90b74c62ce716ee1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 34869
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 958
expires: Wed, 06 Sep 2023 18:26:40 GMT

GET
H2 200 31154355784115.png
bk.ibxk.com.br/2023/08/31/ 1 KB
1 KB 39ms
38ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/31/31154355784115.png?ims=75x75
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 443546b93e8143c9c77865a9d96fc92e48c36b60ac2f0ed43d380500146a15fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 43121
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1148
expires: Wed, 06 Sep 2023 18:33:59 GMT

GET
H2 200 25124318749164.jpg
bk.ibxk.com.br/2014/02/25/ 1 KB
1 KB 40ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2014/02/25/25124318749164.jpg?ims=75x75
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1b4ab8263744686e9216e11aa5806f58c663f897c2664f81b8ece30ff9b02fe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 13027
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1278
expires: Wed, 11 Oct 2023 12:57:39 GMT

GET
H2 200 24101828553011.png
bk.ibxk.com.br/2023/08/24/ 592 B
740 B 40ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24101828553011.png?ims=75x75
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 5504382459f6ba7ed50a72936ea40ea4168323251c8315e633ec6dd1bbecb950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 6955
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 592
expires: Wed, 11 Oct 2023 12:57:39 GMT

GET
H2 200 18133808956021.jpg
bk.ibxk.com.br/2023/08/18/ 902 B
1 KB 41ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/18/18133808956021.jpg?ims=75x75
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c9cc59f1a54a6a15d83f64d4e84da2750cd868e7a37b1f2bcea7947d90b1e22a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 42736
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 902
expires: Wed, 11 Oct 2023 12:57:39 GMT

GET
H2 200 10101056802001.png
bk.ibxk.com.br/2023/10/10/ 2 KB
2 KB 42ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/10/10/10101056802001.png?ims=75x75
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 483029fbbed00780659263fea22a08ff4b65193d2679fdf509c96aac743a3c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 6557
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1782
expires: Wed, 11 Oct 2023 13:46:26 GMT

GET
H2 200 14151036678065.png
bk.ibxk.com.br/2023/11/14/ 706 B
854 B 42ms
42ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/14/14151036678065.png?ims=60x60
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 708df249df0671baab45d8d393633244062c6519ab7951f86d3d9ac6c56519f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 4662
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 706
expires: Wed, 15 Nov 2023 18:30:20 GMT

GET
H2 200 14141732058006.png
bk.ibxk.com.br/2023/11/14/ 444 B
592 B 40ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/14/14141732058006.png?ims=60x60
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b841627f57b426c4f559b9afe7f38138d172705417552b9d6c0fb2e2f95d971e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 3448
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 444
expires: Wed, 15 Nov 2023 17:45:32 GMT

GET
H2 200 14135201591003.jpg
bk.ibxk.com.br/2023/11/14/ 878 B
1 KB 41ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/14/14135201591003.jpg?ims=60x60
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7fb1a63c6cd7a363756f32358ecc30887694ad5bd04c16e1bf7a7b843a824f5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 18433
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 878
expires: Wed, 15 Nov 2023 17:08:39 GMT

GET
H2 200 13200107618019.png
bk.ibxk.com.br/2023/11/13/ 952 B
1 KB 41ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/13/13200107618019.png?ims=60x60
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 41512f475fbebdd88ac4631b7c88f1af0e2fd015e190dabed7e60d4c3ebb5e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 1955
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 952
expires: Tue, 14 Nov 2023 23:12:30 GMT

GET
H2 200 13122721297003.jpg
bk.ibxk.com.br/2023/11/13/ 1 KB
1 KB 41ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/13/13122721297003.jpg?ims=60x60
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 84fa7151be61bc8190b134ddbce1fb7cb902869f2864def2da2606e89d4f310f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 45168
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1286
expires: Tue, 14 Nov 2023 16:00:35 GMT

GET
H2 200 13115659690002.png
bk.ibxk.com.br/2023/11/13/ 3 KB
3 KB 40ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/13/13115659690002.png?ims=60x60
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 8bd3bd8dbf5050ebd0673bf97ee05b98f6ab2f72fd555e4f63c879817dc809c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 19832
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2608
expires: Tue, 14 Nov 2023 15:09:03 GMT

GET
H2 200 21142524737006.png
bk.ibxk.com.br/2023/09/21/ 3 KB
3 KB 40ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/09/21/21142524737006.png
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 612e1798abdd89f6ebd02453e5f80f5bcee4583b21214c5f56470cc2a1fdabb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 34739
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3330
expires: Tue, 26 Sep 2023 18:20:16 GMT

GET
H2 200 20185202749022.png
bk.ibxk.com.br/2023/09/20/ 2 KB
2 KB 183ms
181ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/09/20/20185202749022.png
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d03bf52989264bbd0fa6fb8e5a5a77278c8ab1364ae575509a233e56c32e29f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 13928
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1800
expires: Thu, 21 Sep 2023 21:52:04 GMT

GET
H2 200 05093540221001.png
bk.ibxk.com.br/2023/09/05/ 6 KB
6 KB 183ms
181ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/09/05/05093540221001.png
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ce0cab8045845ffbf253a8ad09c2957f114e082a60234b6848dbc9d7d08c9d2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 73495
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 5898
expires: Wed, 06 Sep 2023 12:35:43 GMT

GET
H2 200 28172553025105.png
bk.ibxk.com.br/2023/08/28/ 7 KB
7 KB 183ms
182ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/28/28172553025105.png
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0602336e0a9d0caf9876031607786b5ebf33f3031722078fef6129a6110423e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 66045
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 7424
expires: Sat, 02 Sep 2023 12:48:58 GMT

GET
H2 200 13193802214016.jpg
bk.ibxk.com.br/2023/11/13/ 1 KB
1 KB 184ms
182ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/13/13193802214016.jpg?ims=80x80
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4c6b41fa6d7b12bbb62f08baa66a1da5c3e23f4de9a364b45e20c34a05b13cfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 4563
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1246
expires: Tue, 14 Nov 2023 22:46:32 GMT

GET
H2 200 07154941632008.jpg
bk.ibxk.com.br/2023/11/07/ 1 KB
1 KB 184ms
182ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/07/07154941632008.jpg?ims=80x80
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 13f6f85860befcef4c9588120dc7d2027b7542a11469dbc17cc800681faad4e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 37112
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1370
expires: Wed, 08 Nov 2023 19:05:01 GMT

GET
H2 200 11151736214001.png
bk.ibxk.com.br/2023/08/11/ 2 KB
2 KB 184ms
183ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/11/11151736214001.png?ims=80x80
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ffa92dc331c410155a0c720e5c33d31928aee6769ee9a12b55d7cbf0ec2e2c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 9504
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1770
expires: Sat, 21 Oct 2023 22:23:04 GMT

GET
H2 200 14175950167030.png
bk.ibxk.com.br/2023/08/14/ 2 KB
2 KB 40ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/14/14175950167030.png?ims=80x80
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: f0407e146bcebab46829dd76ad972189e6153391f9a2f2e30cff965b303d48a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 7767
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2108
expires: Wed, 06 Sep 2023 14:09:58 GMT

GET
H2 200 05163022275004.jpg
bk.ibxk.com.br/2023/10/05/ 24 KB
24 KB 175ms
175ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/10/05/05163022275004.jpg?ims=400x300
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: a00abff46408f55fc957f1f4ad379071c0c0f42c9aadfad18eb927e8c5861f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
server: Azion IMS
x-original-image-size: 27878
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 24514
expires: Fri, 06 Oct 2023 21:11:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 247 KB
82 KB 152ms
66ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0ef2abbbd1a1057070e79ccf5cc3f569f1f1b621c65c718c030b67de8e5fbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 21:03:52 GMT

GET
H2 200 / Show response
www.tecmundo.com.br/comparador/ Frame 53F7 169 KB
18 KB 919ms
49ms Document
text/html 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/_next/static/chunks/pages/index-49b598cafc681950.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Apache /

Resource Hash

fec83bc9c8c355001a36a720d247a3d23de565dd6adb753f516ad5b42c950a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: max-age=300
content-encoding: gzip
content-language: pt-BR
content-length: 17782
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 21:03:53 GMT
expires: Fri, 17 Nov 2023 21:08:53 GMT
server: Apache
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding Accept-Encoding, User-Agent
version: 2.10.13

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6e767d8ab7203cc31cd0e2deb23d30d2e2dbdb4221e645da511661b09de66d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93400
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 21:03:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 19:49:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4452
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 17 Nov 2023 21:49:40 GMT

GET
H2 200 injector.js Show response
tag.goadopt.io/ 320 KB
98 KB 1332ms
1228ms Script
text/javascript 2606:4700:20::ac43:4606
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/injector.js?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 681af2e622c8759c97e9b12caf6b31e16a6849dce4e1567ae7be4a3c1e5e2f33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Nov 2023 21:03:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKyal9EZNcVj0SGgyUjI4%2F0tHahNyQv1BYzvazNfg8lVeKsl7xBLMDB1Dn7Dm5lMu75uOvaryCxm%2Bck2%2B5738dd12WYvIHKMpJ5Um%2BFk5G%2B9FSE1jbOoGFt%2Fk%2ByZkjv0wTujXlY158yH7Uyz"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=120
access-control-allow-credentials: true
cf-ray: 827aec424c9f373e-FRA
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:

GET
H2 200 cmm3u97hf1 Show response
www.clarity.ms/tag/ 700 B
1 KB 244ms
128ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/cmm3u97hf1?ref=gtm2
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ad45ebf3c0ff695b7d6b90a8daf2a565af7783ac1f389351b7a24801359376f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: -1
date: Fri, 17 Nov 2023 21:03:52 GMT
x-azure-ref: 20231117T210352Z-1t9x12bk8d77d3u7t34dezyv2c000000013000000000m7aw
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 700
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 cmm3u97hf1 Show response
www.clarity.ms/tag/ 650 B
1011 B 256ms
140ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/cmm3u97hf1
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3e7329ebb006b74d985f1ccf79086b0ad32d2378c7bca32167e17713404e093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: -1
date: Fri, 17 Nov 2023 21:03:52 GMT
x-azure-ref: 20231117T210352Z-1t9x12bk8d77d3u7t34dezyv2c000000013000000000m7ax
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 pushnews-launcher.js Show response
cdn.pn.vg/push/ 923 B
1 KB 183ms
81ms Script
application/javascript 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/pushnews-launcher.js?appId=5bf881a8-5b79-4aea-b103-91e5386249de
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b6fe56ad4e8d293ef0f3f3aecdcbd57befae8b08812e9c98b64c0bb3edbeb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
via: 1.1 8cb7965839bd69a62e95873e40c54db4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP53-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 14 Feb 2023 18:33:43 GMT
server: cloudflare
etag: W/"3b0072743385c7b1bb595312ab9c3eab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjf2c32wseV2DXi27IuW9BQvfSkg7sHSTrOYqhjrplLBYwhhgAlN4MSZln2rh7f%2BwnvxK5Yjd%2FbdveGUYIbIuGCJ0aMQJlaETcd3lUJf0XmIRje8mrAJ%2Fv9YGhPd3en3L6x25%2B%2FYaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827aec434d5619a9-FRA
x-amz-cf-id: V5oT-df3taRKzyTsNoGWacFVVIkEpZpTm-HyBN3OSl8MkZfczdpWew==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 183ms
96ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

952d99276d33e74adea74a2e7be9610226c8769951cafdb71882a3d7a3ddb7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30406
x-xss-protection: 0
server: cafe
etag: 265 / 19678 / 31079658 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:52 GMT

GET
H2 200 tm13767.js Show response
tag.navdmp.com/ 17 KB
6 KB 150ms
52ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13767.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33efa183f212a940c132bab3a53c88b3adbf0044933a9b4a9a14cbd1c5b86e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 May 2023 18:47:14 GMT
server: cloudflare
age: 55
etag: W/"6470feb2-432e"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 827aec43cab12c20-FRA
expires: Fri, 17 Nov 2023 22:02:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 177ms
89ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d5f19c67123e61b2ac783929a1cfafc470f248b5a240864d1449243bd73dc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53037
x-xss-protection: 0
server: cafe
etag: 8237208892152817424
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:52 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 133ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDJP529EVF&gtm=45je3b81v874209990z8848907248&_p=1700255032312&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=29021821.1700255033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700255032&sct=1&seg=0&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3488
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 112ms
48ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDJP529EVF&cid=29021821.1700255033&gtm=45je3b81v874209990z8848907248&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 153ms
65ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDJP529EVF&cid=29021821.1700255033&gtm=45je3b81v874209990z8848907248&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=944166274

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 46ms
46ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=215414781&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=935484131&gjid=1362233556&cid=29021821.1700255033&tid=UA-144680-1&_gid=1244210414.1700255033&_r=1&_slc=1&gtm=45He3b81n81PLT9M46v848907248&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1839764484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 142ms
47ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-144680-1&cid=29021821.1700255033&jid=935484131&gjid=1362233556&_gid=1244210414.1700255033&_u=YADAAEAAAAAAACAAI~&z=1804719642

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Nov 2023 21:03:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
25 KB 78ms
78ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cmm3u97hf1?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:52 GMT
content-encoding: br
last-modified: Thu, 16 Nov 2023 20:17:47 GMT
etag: W/"0x8DBE6E119B57399"
vary: Accept-Encoding
x-azure-ref: 20231117T210352Z-1t9x12bk8d77d3u7t34dezyv2c000000013000000000m7bn
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 024d946e-301e-005d-1959-19245f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 152ms
64ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144680-1&cid=29021821.1700255033&jid=935484131&_u=YADAAEAAAAAAACAAI~&z=777041706

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 103ms
102ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144680-1&cid=29021821.1700255033&jid=935484131&_u=YADAAEAAAAAAACAAI~&z=777041706

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
298 B 517ms
256ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.baixaki.com.br
Date: Fri, 17 Nov 2023 21:03:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 397 KB
134 KB 188ms
106ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br&bust=31079698

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce49ae1438bdd8ea031fd6de91baa573702699ec256bfce49616584df92c697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137192
x-xss-protection: 0
server: cafe
etag: 7557205021375993340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:53 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 759E 9 KB
4 KB 128ms
40ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 07:40:08 GMT
etag: 16674218716276178799
expires: Fri, 01 Dec 2023 07:40:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fa-solid-900.woff2
www.tecmundo.com.br/comparador/static/production/css/webfonts/ Frame 53F7 49 KB
50 KB 74ms
70ms Font
application/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tecmundo.com.br/comparador/static/production/css/webfonts/fa-solid-900.woff2

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Apache /

Resource Hash

cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Origin: https://www.tecmundo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 2.10.13
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-length: 50372
last-modified: Wed, 27 Apr 2022 17:21:33 GMT
server: Apache
etag: "c4c4-5dda60a743f78"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-language: pt-BR
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 17 Nov 2023 21:08:53 GMT

GET
H2 200 plugins.css
www.tecmundo.com.br/comparador/static/production/css/ Frame 53F7 188 KB
33 KB 53ms
49ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tecmundo.com.br/comparador/static/production/css/plugins.css?v=1111

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Apache /

Resource Hash

8d7b3643b7d5c5a5cc315ae1c4c64351ca66c31884e6703833f17045471eca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 2.10.13
date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-length: 33509
last-modified: Tue, 07 Nov 2023 22:23:07 GMT
server: Apache
etag: "2f0ff-609976a4684b0-gzip"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
content-language: pt-BR
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 17 Nov 2023 21:08:53 GMT

GET
H2 200 style.css
www.tecmundo.com.br/comparador/static/production/css/ Frame 53F7 117 KB
18 KB 64ms
60ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1111

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Apache /

Resource Hash

abc743f91e17e268db5587a9f2b1b0c9afb3a0ca7bd78ddd85d577db926b1f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 2.10.13
date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-length: 17691
last-modified: Tue, 07 Nov 2023 22:23:08 GMT
server: Apache
etag: "1d55e-609976a4d89f9-gzip"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
content-language: pt-BR
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 17 Nov 2023 21:08:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 53F7 186 KB
67 KB 74ms
71ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-138518480-4

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bad1945ee4b97bcebce117a1f5288c21db80b06592ad2a160f77c474a31b8f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 21:03:53 GMT

GET
H2 200 plugins.min.js Show response
www.tecmundo.com.br/comparador/static/production/js/ Frame 53F7 104 KB
36 KB 83ms
80ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tecmundo.com.br/comparador/static/production/js/plugins.min.js?v=1111

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Apache /

Resource Hash

02bbeda80ceeb8921f45a12d547bcd54e39948b71c7f172a4f0c825cdc6844db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 2.10.13
date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-length: 36793
last-modified: Fri, 15 Jul 2022 16:11:26 GMT
server: Apache
etag: "1a0a6-5e3da453339d0-gzip"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
content-language: pt-BR
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 17 Nov 2023 21:08:53 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 53F7 98 KB
30 KB 108ms
106ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0bad65aed0bb1433c7a0bc1504324712b2f5862a4f9aefaa5586976d4180a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30390
x-xss-protection: 0
server: cafe
etag: 233 / 19678 / 31079658 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 53F7 4 KB
1 KB 139ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd11611c519a8292e00750c134608f8479e2720d244ebd77e12e6846a1dbfeae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 21:03:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 21:03:53 GMT

GET
H2 200 tecfriday.webp
www.tecmundo.com.br/comparador/static/production/images/ Frame 53F7 12 KB
12 KB 138ms
136ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/static/production/images/tecfriday.webp

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

42413772d3607ab5aa44b4b1eeaee98e932f9251724ddaecaf38d00809f9710d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 15944
etag: "a12b69f8937e0fb133ae84fb566152886a87fa6f"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12192
version: 2.10.13

GET
H2 200 logo-elements.webp
www.tecmundo.com.br/comparador/static/tecfriday/ Frame 53F7 6 KB
7 KB 147ms
145ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/static/tecfriday/logo-elements.webp

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

62ca6c183dde8b61ababbd2dbbed0d55eb0b56aff88f119475b4b00a4e6a3aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 7476
etag: "0edf211a18e84b02737afcc58d0be976e986ae93"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6306
version: 2.10.13

GET
H2 200 logo-americanas.png
www.tecmundo.com.br/comparador/static/tecfriday/ Frame 53F7 112 KB
112 KB 63ms
60ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/static/tecfriday/logo-americanas.png

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

8a996c3841fa2f801b54280b3f8ed138da44ce666fa015e864e4bf6d0261ddc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 148452
etag: "075c3386b2e0a142aa25b7af52ec771b2b774094"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 114254
version: 2.10.13

GET
H2 200 logo-dell.png
www.tecmundo.com.br/comparador/static/tecfriday/ Frame 53F7 18 KB
18 KB 72ms
70ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/static/tecfriday/logo-dell.png

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

111f449d476512956db10a51964d47ee4a3f6bbf24a76baa3e4f922a6c0c71f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 12167
etag: "09fa7cdefe7e79aeaa6b78f36a9f676056283385"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18394
version: 2.10.13

GET
H2 200 logo-dolcegusto.png
www.tecmundo.com.br/comparador/static/tecfriday/ Frame 53F7 99 KB
100 KB 82ms
79ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/static/tecfriday/logo-dolcegusto.png

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

4fdf07e9109a2da0b506a51be1a5b3e64cb1e9d674a847f51f6fe6a1f1cad7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 578904
etag: "ac1da1e248c406d5df3fe6736be8172e64bc0a1a"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 101602
version: 2.10.13

GET
H2 200 logo-kaspersky.png
www.tecmundo.com.br/comparador/static/tecfriday/ Frame 53F7 29 KB
30 KB 90ms
88ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/static/tecfriday/logo-kaspersky.png

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

e5bdb144181525baf125d87f86282c568389d3d43d09db2a94baa210fe290d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 22724
etag: "a4180eff8e3bb39c885d1ce19e45eb5ff70507ad"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30172
version: 2.10.13

GET
H2 200 logo-acer.webp
www.tecmundo.com.br/comparador/static/tecfriday/ Frame 53F7 988 B
1 KB 75ms
74ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/static/tecfriday/logo-acer.webp

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

4ed9decb578b34e37091a7e9765db5b4295289d52f3bf92e03ef5f645c14c688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 1286
etag: "9ee6d6af4acee4a40ac482be7480373bfd92c823"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 988
version: 2.10.13

GET
H2 200 blank200x200.png
www.tecmundo.com.br/comparador/image/ Frame 53F7 138 B
507 B 75ms
75ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/image/blank200x200.png

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

175b616d38847e1451a8d93d960619befe774aefeffe27de39ac918fc6981d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 321
etag: "c5070831bc9c7848bd17d846e06bd7d8cf38bb12"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 138
version: 2.10.13

GET
H2 200 371_Slide154.jpg
www.tecmundo.com.br/comparador/uploads/banners/ Frame 53F7 14 KB
15 KB 62ms
62ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/uploads/banners/371_Slide154.jpg

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

ba3e6f3c297951fb29ebc8f5e4c88d4267bfc00c94d1e685bdf6a5411ff55463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 31027
etag: "eb06ecc2099185cfa3d39ad83a3e1b02a5f12d85"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14788
version: 2.10.13

GET
H2 200 372_Slide155.jpg
www.tecmundo.com.br/comparador/uploads/banners/ Frame 53F7 6 KB
6 KB 63ms
63ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/uploads/banners/372_Slide155.jpg

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

14a236777af102b71783f9eb9b9e2391130abfd04c87d28ddd773b18b1d8e474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 10960
etag: "9557ddd0b82111022e04bcfcc8668f51d09eec12"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5718
version: 2.10.13

GET
H2 200 plugins_defer.min.js Show response
www.tecmundo.com.br/comparador/static/production/js/ Frame 53F7 118 KB
30 KB 63ms
63ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tecmundo.com.br/comparador/static/production/js/plugins_defer.min.js?v=1111

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Apache /

Resource Hash

afddaa8a919a8a33ced38eeae1ee7bbe21d66458941b560561fe100938148c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 2.10.13
date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-length: 29732
last-modified: Wed, 27 Apr 2022 17:21:33 GMT
server: Apache
etag: "1d760-5dda60a746c68-gzip"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
content-language: pt-BR
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 17 Nov 2023 21:08:53 GMT

GET
H2 200 system.min.js Show response
www.tecmundo.com.br/comparador/static/production/js/ Frame 53F7 24 KB
6 KB 64ms
64ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tecmundo.com.br/comparador/static/production/js/system.min.js?v=1111

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Apache /

Resource Hash

36bbf4b3490c908ed266fa0da7fb15eb18e7278509c9bf4f9d8f958d7ce204a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 2.10.13
date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-length: 5293
last-modified: Thu, 09 Mar 2023 19:56:14 GMT
server: Apache
etag: "5e7c-5f67d097f0328-gzip"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
content-language: pt-BR
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 17 Nov 2023 21:08:53 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 53F7 120 KB
46 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZFH2FM

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcae625a5d2d855b472d4c7d01785da24fb33d6f5d44ba0a2e0ddee093a7c91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 21:03:53 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 53F7 4 KB
2 KB 140ms
45ms Script
application/javascript 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:54:32 GMT
content-encoding: gzip
via: 1.1 bc841916063a49c638b48e73f77a28e8.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 44945
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 7OMa7rIs4CJ4EB4Aw594n320Qffp3YNUNA3ynu32TbtviXQ1G07-Xg==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ Frame 53F7 37 KB
15 KB 155ms
46ms Script
application/x-javascript 2600:9000:2646:ba00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:ba00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:48:40 GMT
content-encoding: gzip
via: 1.1 f7bf54ada21ef4f1f7e0646051894136.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 01:59:58 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 913
etag: W/"6555779e-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: sGeOEctNk7j5_Fvh9kbO4XcggVhdoEAFhYel2cYVUEVNk_fQNHxn6g==
expires: Sat, 18 Nov 2023 20:48:40 GMT

GET
H2 200 logo-tecmundo.png
www.tecmundo.com.br/comparador/static/production/images/ Frame 53F7 6 KB
6 KB 63ms
63ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/static/production/images/logo-tecmundo.png

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1111

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

3c53ad775bdb28fce9a0385cc600f8952d2054ef431b58a2be38faf7a9a32d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 6389
etag: "5d216eb63ec454e27b75ef5103adb0725de7be55"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5980
version: 2.10.13

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 53F7 16 KB
16 KB 137ms
50ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tecmundo.com.br/
Origin: https://www.tecmundo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:59 GMT
x-content-type-options: nosniff
age: 78414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:16:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 53F7 15 KB
16 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tecmundo.com.br/
Origin: https://www.tecmundo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:59 GMT
x-content-type-options: nosniff
age: 78414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:16:59 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C188 144 KB
44 KB 711ms
711ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7019091094896260&output=html&adk=1812271804&adf=3025194257&lmt=1700255033&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.baixaki.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700255033066&bpp=3&bdt=2808&idt=335&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2968005148359&frm=20&pv=2&ga_vid=29021821.1700255033&ga_sid=1700255033&ga_hid=215414781&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078301%2C31079698%2C44807763%2C44808148%2C44808285%2C44809055&oid=2&pvsid=3143800575038114&tmod=89457674&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=378

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br&bust=31079698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

412009cef52e74ec92076bd93b8ce700d99f89ab14d07922f7f82c02542130a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45166
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Fri, 17 Nov 2023 21:03:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=new-float-ads&cls=new-float-ads&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 blank200x200.png
www.tecmundo.com.br/comparador/image/ Frame 53F7 138 B
507 B 63ms
63ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/image/blank200x200.png

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

175b616d38847e1451a8d93d960619befe774aefeffe27de39ac918fc6981d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 321
etag: "c5070831bc9c7848bd17d846e06bd7d8cf38bb12"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 138
version: 2.10.13

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 53F7 183 KB
66 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-138518480-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZFH2FM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d25c8dcb24ea7c520453c4345f7eb24d0b20a402aa02d0038f836814aae92c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67875
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 21:03:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 53F7 186 KB
67 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144680-14&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZFH2FM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26c13a1ba297b8f50ee03191bf446c00d28d0ba9dbcc142d22427494fe145b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 21:03:53 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ Frame 53F7 14 KB
5 KB 50ms
50ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 1389
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 827aec478e742c20-FRA
expires: Fri, 17 Nov 2023 21:40:44 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ Frame 53F7 430 KB
135 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42740
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138013
x-xss-protection: 0
server: cafe
etag: 17202369310903786887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 16 Nov 2024 09:11:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 53F7 268 KB
90 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WZZ7CHGVYD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138518480-4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98f10fa8c9eb97a27191baceaa3e35bef6f6556a026527cad91d31c46d6bb980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91614
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 21:03:53 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 53F7 52 KB
21 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138518480-4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 19:49:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4453
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 17 Nov 2023 21:49:40 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 53F7 0
226 B 41ms
41ms Image
text/plain 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700255033545&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.tecmundo.com.br%2Fcomparador%2F%3Futm_source%3Dbaixaki%26utm_medium%3Diframe%26utm_campaign%3Dhomeportal&c8=Comparador%20TecMundo%3A%20as%20melhores%20ofertas%20est%C3%A3o%20reunidas%20aqui&c9=https%3A%2F%2Fwww.baixaki.com.br%2F
Requested by: Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
via: 1.1 bc841916063a49c638b48e73f77a28e8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: hFYMKSw5zLb7YHf2Ll98GcDfSqkgJwU3Vuzjix5hWrdZ7gMd-b9kWg==
x-cache: Miss from cloudfront

GET
H2 200 webglobal-logo-footer.png
www.tecmundo.com.br/comparador/static/production/images/ Frame 53F7 1 KB
1 KB 51ms
49ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tecmundo.com.br/comparador/static/production/images/webglobal-logo-footer.png

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1111

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

87b4f1657d1e30b19ee3b393c4678eeeac781512548b1bf19858c758d313ba53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 16 Nov 2024 21:03:53 GMT
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Azion IMS
x-original-image-size: 1580
etag: "05953f0499e73b61a26f15d9063264c8e06c232d"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
x-ims: Enabled
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1118
version: 2.10.13

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 53F7 15 KB
16 KB 73ms
71ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tecmundo.com.br/
Origin: https://www.tecmundo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:39:53 GMT
x-content-type-options: nosniff
age: 257040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 21:39:53 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ Frame 53F7 20 KB
20 KB 57ms
55ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tecmundo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:36 GMT
x-content-type-options: nosniff
age: 407297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20064
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 03:55:36 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ Frame 53F7 19 KB
19 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tecmundo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 04:46:53 GMT
x-content-type-options: nosniff
age: 317820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19156
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 04:46:53 GMT

GET
H2 200 ping
ping.chartbeat.net/ Frame 53F7 43 B
201 B 368ms
118ms Image
image/gif 3.232.12.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=tecmundo.com.br&p=%2Fcomparador%2F&u=B81bP0CqLKYEDk3Q0K&d=tecmundo.com.br&g=55260&g0=home&g1=WebGlobal&n=1&f=00001&c=0&x=0&m=0&y=8232&o=1140&w=560&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fwww.baixaki.com.br%2F&PA=https%3A%2F%2Fwww.tecmundo.com.br%2Fcomparador%2F%3Futm_source%3Dbaixaki%26utm_medium%3Diframe%26utm_campaign%3Dhomeportal&b=1297&_c=homeportal&_m=iframe&_x=baixaki&t=CGx4VRCOeuvPXw6BxCdE_nnDMKBCF&V=141&i=Comparador%20TecMundo%3A%20as%20melhores%20ofertas%20est%C3%A3o%20reunidas%20aqui&tz=-60&sn=1&sv=BMcX1Whrs8vDQcqLjCdmV-vDlNTnY&sr=https%3A%2F%2Fwww.baixaki.com.br%2F&sd=1&im=067b2fff&_
Requested by: Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.12.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-12-98.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Nov 2023 21:03:53 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 13767 Show response
tag.navdmp.com/u/ Frame 53F7 3 KB
2 KB 167ms
167ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/13767
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d5ca5aa304636bbd4445292c0ce7b26a8d39d838d2fb90d2ff0edffffc51ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 26 May 2023 18:47:14 GMT
server: cloudflare
etag: W/"6470feb2-d3e"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 827aec483f2d2c20-FRA
expires: Fri, 17 Nov 2023 22:03:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 53F7 229 KB
80 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WSNXN0LDEB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144680-14&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

994468c0f21516dea0796c80a893e2183153db3b7250213844ce14c4c00c0903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 21:03:53 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 53F7 76 KB
17 KB 288ms
287ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1628061074186824&correlator=3721684273576758&eid=31079630%2C31079239%2C31079658%2C44807409&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=36373682%2Ctcm%2Ccomparador%2Cleaderboard%2Chalf-page%2Chalf-page2&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%2C160x600%2C160x600&ifi=1&sfv=1-0-40&sc=1&cdm=www.tecmundo.com.br&abxe=1&dt=1700255033742&lmt=1700255033&adxs=15%2C-12245933%2C-12245933&adys=243%2C-12245933%2C-12245933&biw=-12245933&bih=-12245933&isw=1140&ish=560&scr_x=-12245933&scr_y=-12245933&ucis=hjwc4rb3y53o%7Csa8tr8h2p5sh%7Chanvyln0qe37&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.tecmundo.com.br%2Fcomparador%2F%3Futm_source%3Dbaixaki%26utm_medium%3Diframe%26utm_campaign%3Dhomeportal&ref=https%3A%2F%2Fwww.baixaki.com.br%2F&top=https%3A%2F%2Fwww.baixaki.com.br%2F&vis=1&psz=1140x90%7C0x0%7C0x0&msz=1110x90%7C0x0%7C0x0&fws=256%2C384%2C384&ohw=0%2C0%2C0&ga_vid=1682300703.1700255034&ga_sid=1700255034&ga_hid=287510106&ga_fc=true&dlt=1700255033241&idt=480&adks=1936759415%2C916682674%2C3742473635&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abfb18200969bae5462d682c3a2bd44cb066bb820a70ecc9959a0acc6662452a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17598
x-xss-protection: 0
google-lineitem-id: -1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tecmundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0978 6 KB
3 KB 155ms
47ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tecmundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:53 GMT
expires: Sat, 16 Nov 2024 21:03:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 usr Show response
usr.navdmp.com/ Frame 53F7 75 B
260 B 197ms
181ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13767&u=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f2351708b9074768a82aed3494b416aaf64101d9a5874901f6e337a7e81b9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Fri, 17 Nov 2023 21:03:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 827aec4968e82c20-FRA
expires: Fri, 17 Nov 2023 22:03:53 GMT

POST
H2 200 get-consent Show response
disclaimer-api.goadopt.io/api/tag/ 141 B
825 B 468ms
441ms XHR
application/json 2606:4700:20::ac43:4606
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 99f617beff5554644a1ae88ff8a25eb42f7ea2373315d5f1ff5f11a9ff955932

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:
server: cloudflare
etag: W/"8d-KTOCCf+hC1NNjhtIMgg6Supft18"
vary: Origin
access-control-max-age: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.baixaki.com.br
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXu4KUTLotmh1SgmMwoNJU7WzGm0mNQ5048JyvCfBDrmBM1z57xyo5Mpjx1%2BFy%2B8KlyJTQQp0HNibgLQPVL%2F1Gdc51wAHJCJVsKjSre3oCJTdHWMQb8NTruB9uciSBVOEE1Bhpj3ofn1SJHlg1rGf7TAowTAWkY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 827aec4acdf9373e-FRA
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id

GET
H2 200 5bf881a8-5b79-4aea-b103-91e5386249de.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 60ms
60ms Script
text/javascript 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/5bf881a8-5b79-4aea-b103-91e5386249de.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/pushnews-launcher.js?appId=5bf881a8-5b79-4aea-b103-91e5386249de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7521cf77aba41609cc4611f0fa174b979318499beae8eb39d58f380f6bec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 09 Nov 2023 18:15:12 GMT
server: cloudflare
etag: W/"cd84669e738afa72934a854992fe41d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMQmDbg%2FLsh94wXaJgQWjtHRMWGm7dkETmJh5iV%2FQU4TKp%2BPU9tA4pQL1EWvJd0CUAbrbM8VVFKWkZxTo1ubFv5kjC0XfHXAp8Q6swfSEzwa7ldWAPMAdwe0Po7Uqik%2F3VuU2galkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 827aec4a9dab19a9-FRA
x-amz-cf-id: bdCvy7W0eKy9zEM7EDRf_Ds1VBQeJSgrQh4IjLR5Uhy6US2sJR6MRg==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 430 KB
135 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42741
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138013
x-xss-protection: 0
server: cafe
etag: 17202369310903786887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 16 Nov 2024 09:11:33 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 55 B
148 B 253ms
253ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13767&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e62c6c553d19ccd93af3fe6e8cc11be4c2a7317ca9b115bc97a12c9748952db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: max-age=3600
act: f0
cf-ray: 827aec4aaa462c20-FRA
expires: Fri, 17 Nov 2023 22:03:54 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ Frame 53F7 6 B
99 B 187ms
170ms Script
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=13a8149adee100bd6a2c30690610%7C0&acc=13767&tit=Comparador%2520TecMundo%253A%2520as%2520melhores%2520ofertas%2520est%25E3o%2520reunidas%2520aqui&url=https%253A%2F%2Fwww.tecmundo.com.br%2Fcomparador%2F%253Futm_source%253Dbaixaki%2526utm_medium%253Diframe%2526utm_campaign%253Dhomeportal&upd=1&new=1&ref=https%253A%2F%2Fwww.baixaki.com.br%2F&h1=Comparador%2520TecMundo
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 827aec4aea842c20-FRA
content-length: 6
content-type: application/x-javascript

GET
H2 200 container.html Show response
03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 340E 6 KB
3 KB 42ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tecmundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:53 GMT
expires: Sat, 16 Nov 2024 21:03:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 30F9 6 KB
3 KB 40ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tecmundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:53 GMT
expires: Sat, 16 Nov 2024 21:03:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 219 KB
60 KB 52ms
52ms Script
application/javascript 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/5bf881a8-5b79-4aea-b103-91e5386249de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6e351a889e733a8a4ac938e64858fd7b507375550819f4fde00a669baa3700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 4436
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 01 Nov 2023 21:54:54 GMT
server: cloudflare
etag: W/"9621d813b3fffb53c49b9874797e6f55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkGZ6Z1Z7vJiwZmO6bm5Fw4ooRkYNI1iGYJW6jhdyanqaELorPPk9vhjdKLr1AaUj729P2LC8%2BmtN8vzbijVbPfHgZnkXatItL0sBhPpl0u7C2aKEkah9XBXBSAWKG4UYJofMDHzaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 827aec4b1e4119a9-FRA
x-amz-cf-id: FG9q6WOEa71Qu9TKn43AvMZZeECpYA7QOge5V129QcBWFX4hEoSD3g==

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
298 B 123ms
122ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.baixaki.com.br
Date: Fri, 17 Nov 2023 21:03:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 310 KB
63 KB 695ms
694ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3143800575038114&correlator=2274417144625653&eid=31079659%2C31079668%2C31079312%2C31079658%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=36373682%2Cbxk%2Chome%2Cpremium%2Cdesktop%2Cleaderboard_top%2Cancora%2Cleaderboard_middle%2Chalf_page%2Csquare&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F4%2F5%2C%2F0%2F1%2F4%2F6%2C%2F0%2F1%2F4%2F7%2C%2F0%2F1%2F4%2F8%2C%2F0%2F1%2F4%2F9&prev_iu_szs=1x1%7C800x500%7C1920x750%7C1900x935%7C1920x1080%2C728x90%7C970x250%7C970x90%7C1x1%2C970x90%7C1x1%7C728x90%2C1x1%7C728x90%7C970x90%7C970x250%2C1x1%7C300x600%2C1x1%7C300x250&ifi=2&didk=606830616~1219620439~3093749535~4122620516~445717446~3618103558&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700255034118&lmt=1700255034&adxs=400%2C436%2C315%2C436%2C1090%2C1090&adys=0%2C211%2C1110%2C3578%2C3030%2C3040&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.baixaki.com.br%2F&vis=1&psz=1600x-1%7C728x250%7C1600x4479%7C728x250%7C300x0%7C300x0&msz=1600x-1%7C728x0%7C1600x-1%7C728x0%7C300x0%7C300x0&fws=516%2C4%2C512%2C4%2C4%2C4&ohw=1600%2C728%2C0%2C728%2C300%2C300&ga_vid=29021821.1700255033&ga_sid=1700255033&ga_hid=215414781&ga_fc=true&dlt=1700255030258&idt=3843&prev_scp=%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue&cust_params=referer%3Dhttps%253A%252F%252Fwww.baixaki.com.br%252F&adks=1286048242%2C3987075887%2C2460663856%2C2443166763%2C35649785%2C3654451204&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66901c355d0ccf2c8e68df75f7223aeb5ba60f191b93bd2932b7cda5b07ac6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64525
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.baixaki.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 42E0 6 KB
3 KB 97ms
48ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Sat, 16 Nov 2024 21:03:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6862 159 KB
51 KB 215ms
123ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVfVOQAMN5oKe6AZAACphxOS5SKNV95IrWRkhA&u=%7CT5r8n43arj2%2FBnMahs3MaGmhpLiNYaW9c6RBkkNEJj4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyRUAeNv4apneUh2EL6ha-6XejKOxrhIXlc8i_xR21Nl0IjfMFfVjUTCXXGW3KrzsqA_IO_ludDri5mQ3mvFtGOvJ4SueMZCcAwrN_ihkU5huesg9mx38Ewb0W2lSDjdfeJpc5BjmA5L3x17_4V8aKjVbgOb45aISxM4Y1dQh2CWwOTpfVp6XWKGRCfuG1A6yeuhJOtfVJKny2xN9XdCc6fxX9yFNLbLIGbvc6c23AbLe3v689cZq9Tm-N4YKsyTx0qZaoeKzdOh2-BFHMi22m4WydnQvRNCIGZYNARhnLjqFz32uyKUdeLkgXieQWy0MGrNdlIZ3UCyyvTDkExVVCoDBVcgzsq4-IujkJ70qyVv_IrFXylN0Z67Giv3WWV50Sr-jpiZ5TmqMbmBJ8OmiqrseQ9ZJOs6A3Esb1GCxyl1ff4J7iayZC8rLQT9jSeC7XYlSm2yzIO1yJhKkHGtF7f-z6u10DKj8sUW_TWkjORgDa-cJiK_XfwtGSk0CMTgozpdtX3fRY22VuamqC8QuJINvZ3m6a3NtzO_FFBl_gmtVvl-E-ZqXjAJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs6gpOdVXZZrvMJnA7gOH04KYAcme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBL4CT9C_gmGTWQ5Oj77jHTcZfPg3zwCQk2PA8WTotOw_kL5y0VRsao8LV5p15Mw6588Hh6aD8j3FAvdeVdgqlPbha4nwTSvsEq6-qDpIu1PTGeIZzAUHdis2ztiRPhtn27XvMwbJDk69C4ZIXHz-1W56eMJ77wBKFW9sge02ovQSeqDNwxtqFPMeREBpTnDnYs9Y5RsP8gRLJlu-fRFz0Cke7zCzW0fPyHxqPufj2JWb1hbGtXQJyJ1AUdNZBCGAVJw43zSpCzuXjG0XAZj7fI6GgaaFVXQSBM6bX771csQtSgwTJtiT99lEri_T07hppklqdte1p9mIN8RrjmN-P7UfrPpCV2gkz7ffov5Ks3ULZF8jGNhdxkWZc-bfI4QP8ljLyC3ricXAXjVW6pat1kfTg8lEseK8fs-Kn64y9xay4AQBgAa2ypLfn6janpYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHiDRMIldbDyvfLggMVGaB7Ch2HqQAT0BUBgBcB%26num%3D1%26sig%3DAOD64_1biGLEY_MB8Dy1CPhAvckqVGRqzQ%26client%3Dca-pub-1712420989769758%26adurl%3D

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8b691a3a4c86d48555528953745516052a37717cb47328314754ea81077f7aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=_x5I91GlVMGrqaA9FdSdFPCZDpBq2-6C45hWGTn0xwDhBrMIHSNwKkCVC6iPsmWdWAb6RnpWP-21K1tqEvhFiI-Jx641j1wwESKaT6JswmRBgRb5U4cok6rNSUcWJmJ3N9pPsYWwCE_1AALMjvhc-LLFwtbJQjfjov3SSFiEufCIobowznAt0DWdbxxsq_eSa7nCSSeuUikSqK59orLwHPuSk3viF7p_qjs9fy-VI2dEiypb5qzy1KB1c0w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 63445552
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 340E 3 KB
1 KB 155ms
51ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:00:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 340E 20 KB
8 KB 146ms
43ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 340E 24 KB
6 KB 181ms
78ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 340E 202 KB
64 KB 227ms
125ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:54 GMT

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/1526752/72603760/dcm/ Frame 30F9 254 KB
76 KB 198ms
60ms Script
application/javascript 52.51.13.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1526752/72603760/dcm/dcmads.js?bundleId=www.tecmundo.com.br&ias_dspID=9&ias_campId=bnzq4wb&ias_pubId=pub-1712420989769758&ias_chanId=google&ias_placementId=tcvdzeq&bidurl=www.tecmundo.com.br%2fcomparador&ias_dealId=&adsafe_par&ias_impId=v4~~eadc7262-7069-42d2-af44-bcd598bcd833
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.13.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-13-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4a251f9a6c32852117bf2a73abe92c9f2b38a62880b5da60ae500c99fc0da7f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK google
de2-bid.adsrvr.org/bid/feedback/ Frame 30F9 807 B
1 KB 129ms
40ms Image
image/gif 3.33.153.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de2-bid.adsrvr.org/bid/feedback/google?t=1&iid=eadc7262-7069-42d2-af44-bcd598bcd833&crid=1u4bsv1h&wp=ZVfVOQAMN5wKe6AZAACphyWHQbW3rsmMfiDL5w&aid=1&wpc=USD&sfe=178f5539&puid=&tdid=&pid=c3crbqj&ag=tcvdzeq&adv=tk3qp9q&sig=1_CQIShIyQfr4Ab2Q_RbDr2JBqeOamxdhRM5Vs62vKt0.&bp=2.16951035236102&cf=5343417&fq=0&td_s=www.tecmundo.com.br&rcats=&mste=&mfld=4&mssi=&mfsi=&uhow=142&agsa=&rgz=48231&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=pt&mlang=&svpid=pub-1712420989769758&did=&rcxt=Other&lat=51.950000&lon=7.960000&tmpc=2.6200000000000045&daid=&vp=0&osi=&osv=&bx=70&bffi=41&c=CgdHZXJtYW55EhZOb3J0aCBSaGluZS1XZXN0cGhhbGlhGgAiCVdhcmVuZG9yZjgBUAGAAQCIAQGQAQGwAQC6AQQIARgEwAHHoAPAAaKfA9ABx6AD2AK0EOACrAL4AgGAAwGIAwGQAwGYAwA.&dur=CjYKHWNoYXJnZS1hbGxJbnRlZ3JhbFZpZXdhYmlsaXR5IhUI-P__________ARIIaW50ZWdyYWwKNgodY2hhcmdlLWFsbEludGVncmFsQnJhbmRTYWZldHkiFQj5__________8BEghpbnRlZ3JhbAo2Ch1jaGFyZ2UtYWxsSW50ZWdyYWxQYWdlUXVhbGl0eSIVCPX__________wESCGludGVncmFsCjcKHWNoYXJnZS1tYXhHcmFwZXNob3RDYXRlZ29yaWVzIhYIrP__________ARIJZ3JhcGVzaG90CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKRwonY2hhcmdlLWFsbElhc0Rpc3BsYXlWaWV3YWJpbGl0eVRyYWNraW5nIhwIpv__________ARINaWFzLXJlcG9ydGluZyoA&durs=93XXYj&crrelr=&fpa=167&pcm=3&grdc=CAEYASABKAFAAUgC&vc=2&said=kJEW1l%2BC0fVUG%2BnPzMldkA%3D%3D&auct=1&im=1&mc=e9e0196d-0310-47ff-86ff-47356a0999b4&abr=d4ccfdf7-f99e-47b3-8bda-c7e7ff42c7f0&tail=1
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.153.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a4b61a47cf5978487.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:53 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type: image/gif
cache-control: must-revalidate, no-cache
x-connection: close

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 30F9 70 B
149 B 183ms
57ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=tk3qp9q&ct=0:x85rlvi&fmt=4
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame 30F9 26 KB
10 KB 136ms
40ms Script
text/javascript 108.156.60.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=bnzq4wb_tcvdzeq_1u4bsv1h&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-116.ams1.r.cloudfront.net

Software

nginx /

Resource Hash

a5eb836d138f870741033d328c33a3e4bb1fe57026c1b57466c37428e28c3a2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:52:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: AMS1-P2
cross-origin-embedder-policy: unsafe-none
age: 43889
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: FJkz3m5E0xHpMhfDDS9TwYotnAVkdXJz0qi0SkV-nhYDcZfEfVJUjQ==
expires: Fri, 17 Nov 2023 09:52:25 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 30F9 47 KB
13 KB 208ms
62ms Script
application/javascript 52.51.176.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=923116&advId=tk3qp9q&campId=bnzq4wb&chanId=tcvdzeq&placementId=1u4bsv1h&pubId=&bidurl=www.tecmundo.com.br&uId=null&impId=eadc7262-7069-42d2-af44-bcd598bcd833&planId=google&adsafe_par
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.176.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-176-114.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 83e2c54cb06c6ddfac1d6e71767230f4488ac8e722af67c2fcb394bc0bbb6511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 30F9 3 KB
1 KB 148ms
49ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:00:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 30F9 20 KB
9 KB 137ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 30F9 24 KB
7 KB 172ms
73ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30F9 202 KB
64 KB 158ms
59ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:54 GMT

GET
H2 200 pushnews-sw.js Show response
www.baixaki.com.br/ 95 B
364 B 199ms
199ms Fetch
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/pushnews-sw.js

Requested by

Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

version: 3.0.4
date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 14 Nov 2023 18:34:15 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sun, 17 Dec 2023 21:03:54 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 160 KB
55 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/reactive_library_fy2021.js?bust=31079698

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d7a54081588dc8b006952403d7d06a227c6b40c04cd613adb5d71b39a4333b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55797
x-xss-protection: 0
server: cafe
etag: 6381347696399709432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:54 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 92 KB
32 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/slotcar_library_fy2021.js?bust=31079698

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60b86d90ec1c3a36c99acdf40bbd3f7a65c2092dc9723c398ce71053d1e12c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32555
x-xss-protection: 0
server: cafe
etag: 1307496350751659451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:54 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
56 B 166ms
165ms Script
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=13a8149adee100bd6a2c30690610&acc=13767&url=https%3A//www.baixaki.com.br/&tit=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%EA
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 827aec4c4c512c20-FRA
content-length: 6
content-type: application/x-javascript

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6862 2 KB
1 KB 241ms
81ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVfVOQAMN5oKe6AZAACphxOS5SKNV95IrWRkhA&u=%7CT5r8n43arj2%2FBnMahs3MaGmhpLiNYaW9c6RBkkNEJj4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyRUAeNv4apneUh2EL6ha-6XejKOxrhIXlc8i_xR21Nl0IjfMFfVjUTCXXGW3KrzsqA_IO_ludDri5mQ3mvFtGOvJ4SueMZCcAwrN_ihkU5huesg9mx38Ewb0W2lSDjdfeJpc5BjmA5L3x17_4V8aKjVbgOb45aISxM4Y1dQh2CWwOTpfVp6XWKGRCfuG1A6yeuhJOtfVJKny2xN9XdCc6fxX9yFNLbLIGbvc6c23AbLe3v689cZq9Tm-N4YKsyTx0qZaoeKzdOh2-BFHMi22m4WydnQvRNCIGZYNARhnLjqFz32uyKUdeLkgXieQWy0MGrNdlIZ3UCyyvTDkExVVCoDBVcgzsq4-IujkJ70qyVv_IrFXylN0Z67Giv3WWV50Sr-jpiZ5TmqMbmBJ8OmiqrseQ9ZJOs6A3Esb1GCxyl1ff4J7iayZC8rLQT9jSeC7XYlSm2yzIO1yJhKkHGtF7f-z6u10DKj8sUW_TWkjORgDa-cJiK_XfwtGSk0CMTgozpdtX3fRY22VuamqC8QuJINvZ3m6a3NtzO_FFBl_gmtVvl-E-ZqXjAJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs6gpOdVXZZrvMJnA7gOH04KYAcme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBL4CT9C_gmGTWQ5Oj77jHTcZfPg3zwCQk2PA8WTotOw_kL5y0VRsao8LV5p15Mw6588Hh6aD8j3FAvdeVdgqlPbha4nwTSvsEq6-qDpIu1PTGeIZzAUHdis2ztiRPhtn27XvMwbJDk69C4ZIXHz-1W56eMJ77wBKFW9sge02ovQSeqDNwxtqFPMeREBpTnDnYs9Y5RsP8gRLJlu-fRFz0Cke7zCzW0fPyHxqPufj2JWb1hbGtXQJyJ1AUdNZBCGAVJw43zSpCzuXjG0XAZj7fI6GgaaFVXQSBM6bX771csQtSgwTJtiT99lEri_T07hppklqdte1p9mIN8RrjmN-P7UfrPpCV2gkz7ffov5Ks3ULZF8jGNhdxkWZc-bfI4QP8ljLyC3ricXAXjVW6pat1kfTg8lEseK8fs-Kn64y9xay4AQBgAa2ypLfn6janpYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHiDRMIldbDyvfLggMVGaB7Ch2HqQAT0BUBgBcB%26num%3D1%26sig%3DAOD64_1biGLEY_MB8Dy1CPhAvckqVGRqzQ%26client%3Dca-pub-1712420989769758%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6862 2 KB
1 KB 208ms
49ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6862 308 B
636 B 240ms
82ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 11 Nov 2024 21:03:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6862 293 B
622 B 201ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 11 Nov 2024 21:03:54 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6862 43 B
348 B 198ms
40ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=c63sruI7S6qMdOBvnXonC7MjT2t8YZlDwZe0gpHy1WUC97E6oMmqurRE_4Qm2lJf0YgXCGSeX6Znqd0mmmCYEXbDMwl9lfpszAlMBeTuwWzUzjLAlc744F17rg4kslu5E3XDdJ2Xcwqhl16Nc7zTDuREFcE8CBMPW8NnhH67IePzz86PT_jKSd6AfC0HLRX7BDR8sgRXHkPkal4a71EgpaZOxkNcConqrvYHn43SqtIQoLzZBV-2vtttS03f7pSJaqiMX5AWwFrfry_iRGFpU8aL63G9nQOE2zI7PLRtTioL_MWk4x9YlTeqx9QEk1fRer1f_SW9LV7q9Awz_J8XGf-tZLzFmAetIlYzhy1LoLP5FIub2WNl0W04uAPFxwJ1fN1TZpT-965Te_3Ov7hseRWMy_tTXqX5HYEGNxxfw0wm0E19

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1557286
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 5bf881a8-5b79-4aea-b103-91e5386249de.json Show response
osp-assets.pn.vg/ 4 KB
2 KB 415ms
261ms Fetch
application/json 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/5bf881a8-5b79-4aea-b103-91e5386249de.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f2aa9d475ce40e3821665c081c30da7e85ae4cb4344e1e0b26bbaaf44a0337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5FERSCMCT3647A7D
x-amz-server-side-encryption: AES256
x-amz-id-2: On8O11Q7b4PdareTMZkljIchZieaWyZ6wCe8NW0Y4fR4btBHNdccGtNwOXZor6CqTdKz3SEaXaU=
last-modified: Mon, 17 Oct 2022 15:18:42 GMT
server: cloudflare
etag: W/"4466c94390027d272a7ef7edb68cf327"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, PUT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mugineR4zLMWS%2BVusowxCcJnumEc8y%2BQI%2FrpWkb7Dzal6OrQqIXLTZeWGvTb1CyXFBDAhuJKcqyP%2FSTmd8FYX2yBQT7YDvWzG2EOGICmOmskbPvvCGfixrWszjo7lueD6jr8G3usCOSGw69TD0I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 827aec4dfbfd0487-FRA

GET
H2 200 PushnewsSubscriptionSDK.js Show response
cdn.pn.vg/push/ 35 KB
9 KB 48ms
48ms Script
application/javascript 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 4409
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 03 May 2023 17:43:50 GMT
server: cloudflare
etag: W/"d83660b1645b3c67ae586e71ccd92e33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gf1Vm4dNTfpZhXbOmuNELdzqdhqro3pltl6cHuGsr5LcAMgEQdf78e5%2Ba8c3s186nAdKFXutIf%2FuU7evCL5Wb%2BziAG2KMlFWwvociv8YwSKQ4FDZRepJkCaatAt%2B2DUMJOGHGdR%2Bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 827aec4cf84b19a9-FRA
x-amz-cf-id: NxfsF_zr48onRoXe-weNQJkFYo3r5fx0TDCkD7uS8PnPgttzrNyIOw==

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame E9B5 9 KB
4 KB 44ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:16:35 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 21:16:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 340E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e227a59c2f841620003ec278d8476c48e8581babf017a144ba308c0f907e33e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6862 12 KB
6 KB 120ms
48ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6862 4 KB
4 KB 219ms
134ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048790%2F411021e816b7434f8f71ebb18eb8e2f3_kare-spassamwohnen-2020-clean-rgb.jpg&v=3&w=356&rid=4&s=19t5lsFnFfF5MKDT18n1bH8T

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6221253ad9714c013d8ad0fe4630839bac19c58e88ea423d4cf2a1b9e0f79aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3686
expires: Fri, 18 Oct 2024 12:23:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6862 31 KB
31 KB 169ms
83ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048790%2F921f53e9832f407baf37a7a7682e9e84_2023-09-native-ads-puppet-players-500x500px.jpg&v=3&w=1200&rid=4&s=MnpBGyFF2-6M9Rw4VbvvwJ63

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c883a4fb6fe3a0d9103a7e972061e32fb94f1f5eb192b19a77c59fa40f7cfae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 31422
expires: Fri, 18 Oct 2024 12:23:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6862 26 KB
26 KB 237ms
152ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Fc1ace0e56cf7ca2722f6c8efefa2a1b535d2b088.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=hjNH2eSIo4FRuZWxEf26zPL0&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

efa531d3359b51bcb5daa6ed43ab538f05ded049199ac9e2a639725564d1793c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 26704
expires: Sat, 02 Nov 2024 09:11:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6862 24 KB
24 KB 216ms
131ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F3ba073af864a11ebffab1921c0c2903e43225fe0.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=J1TBlxjVBfN4DAYa0aGlBgZC&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dab6b2a6292dac8130d3d474487435360b7e99e8e3868d2dd1eb5c856dd3401d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 24712
expires: Sat, 02 Nov 2024 04:39:44 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6862 0
128 B 126ms
42ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=_x5I91GlVMGrqaA9FdSdFPCZDpBq2-6C45hWGTn0xwDhBrMIHSNwKkCVC6iPsmWdWAb6RnpWP-21K1tqEvhFiI-Jx641j1wwESKaT6JswmRBgRb5U4cok6rNSUcWJmJ3N9pPsYWwCE_1AALMjvhc-LLFwtbJQjfjov3SSFiEufCIobowznAt0DWdbxxsq_eSa7nCSSeuUikSqK59orLwHPuSk3viF7p_qjs9fy-VI2dEiypb5qzy1KB1c0w&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 21:03:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6862 2 KB
1 KB 101ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6862 2 KB
1 KB 44ms
44ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:54 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame 30F9
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1526752/72603760/dcm/dcmads.js?bundleId=www.tecmundo.com.br&ias_dspID=9&ias_campId=bnzq4wb&ias_pubId=pub-1712420989769758&ias_chanId=goo...
https://www.googletagservices.com/dcm/dcmads.js?bundleId=www.tecmundo.com.br

18 KB
8 KB

51ms
47ms

Script
text/javascript

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js?bundleId=www.tecmundo.com.br

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 17 Nov 2023 22:03:54 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:54 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js?bundleId=www.tecmundo.com.br
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C3DC 91 KB
23 KB 163ms
52ms Script
application/javascript 2600:9000:20ab:c800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:c800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 7045006
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: MeVjTfav_kK-SkWpbKn27spKOKjyE4NawaJSGv4KoVpHRg5GIzunTw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 30F9 43 B
215 B 785ms
117ms Image
image/gif 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=cfc022dc-bbb4-1d21-a6d2-8345d01df9e1&tv=%7Bc:ugtumB,pingTime:-3,time:44,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVU4QON+111%7C1121%7C113*.1526752-72603760%7C12%7C13%7C14%7C15,idMap:113*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&br=c
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 30F9 43 B
216 B 781ms
117ms Image
image/gif 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=cfc022dc-bbb4-1d21-a6d2-8345d01df9e1&tv=%7Bc:ugtumC,pingTime:-6,time:45,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:45,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVU4QON+111%7C1121%7C113*.1526752-72603760%7C12%7C13%7C14%7C15,idMap:113*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&tpiLookup=ao:www.baixaki.com.br*%2Cwww.tecmundo.com.br*&br=c
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 30F9 43 B
215 B 779ms
118ms Image
image/gif 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=cfc022dc-bbb4-1d21-a6d2-8345d01df9e1&tv=%7Bc:ugtumI,pingTime:-2,time:51,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:465,beZ:466,mfA:468,cmA:469,inA:469,inZ:474,prA:474,prZ:479,si:484,poA:485,poZ:505,cmZ:505,mfZ:505,loA:510,loZ:512,ltA:515,ltZ:515%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:ins%7D,ha1:%7Bres1:1,ps:1,ts:1700255034571,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVU4QON+111%7C1121%7C113*.1526752-72603760%7C12%7C13%7C14%7C15,idMap:113*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:20,sinceFw:30,readyFired:false%7D&br=c
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E9B5 23 KB
9 KB 54ms
42ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:17:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D2BF 143 B
166 B 48ms
45ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:58:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E9B5 3 KB
1 KB 52ms
45ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:00:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E9B5 20 KB
8 KB 45ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H2 200 4513979529719709924
tpc.googlesyndication.com/simgad/ Frame E9B5 5 KB
5 KB 61ms
54ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4513979529719709924?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlethmOSALOvnj9I7bB7YpzU9b8Bw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fede4ff92e45ef66034faea41d8c0bb3ec52e19a425481420a6914fe7a46a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 07:24:32 GMT
x-content-type-options: nosniff
age: 481162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5094
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 18:32:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Nov 2024 07:24:32 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9B5 202 KB
64 KB 53ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:54 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E9B5 36 KB
15 KB 52ms
46ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:27:11 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D2BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Fri, 17 Nov 2023 21:03:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 340E 0
0 98ms
96ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CACFzOdVXZZrvMJnA7gOH04KYAcme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBLsCT9C_gmGTWQ5Oj77jHTcZfPg3zwCQk2PA8WTotOw_kL5y0VRsao8LV5p15Mw6588Hh6aD8j3FAvdeVdgqlPbha4nwTSvsEq6-qDpIu1PTGeIZzAUHdis2ztiRPhtn27XvMwbJDk69C4ZIXHz-1W56eMJ77wBKFW9sge02ovQSeqDNwxtqFPMeREBpTnDnYs9Y5RsP8gRLJlu-fRFz0Cke7zCzW0fPyHxqPufj2JWb1hbGtXQJyJ1AUdNZBCGAVJw43zSpCzuXjG0XAZj7fI6GgaaFVXQSBM6bX771csQtSgwTJtiT99lEri_T07hppklqdte1p9mIN8RrjmN-P7UfrPpCV2gkz7ffov5Ks3ULZF8jGNhdxgebUnRfsFQyVIjsEqHLYGHOeT_g4Li1VPMbvm-2DvyQZldAC47b4AQBgAa2ypLfn6janpYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHiDRMIldbDyvfLggMVGaB7Ch2HqQAT0BUBgBcBshccChoSFHB1Yi0xNzEyNDIwOTg5NzY5NzU4GNLAFg&sigh=FWFlAStleWE&uach_m=[UACH]&cid=CAQSGwDICaaNVIcDum13ToabKwKUBF-xjA7y26oIvRgB&cbvp=2&vis=1
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 340E 0
126 B 528ms
42ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kMHZGOv_CsoH-gGdg2ICAgAAAB9WbrxBItW6EDjVV2ViShOWY3ZlzdGgAAASAAAKCkFRVURBUUVCQVE&wp=ZVfVOQAMN5oKe6AZAACphxOS5SKNV95IrWRkhA&cbvp=2

Requested by

Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 173475
server: Kestrel
content-length: 0

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 30F9 59 KB
23 KB 48ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1526752/72603760/dcm/dcmads.js?bundleId=www.tecmundo.com.br&ias_dspID=9&ias_campId=bnzq4wb&ias_pubId=pub-1712420989769758&ias_chanId=google&ias_placementId=tcvdzeq&bidurl=www.tecmundo.com.br%2fcomparador&ias_dealId=&adsafe_par&ias_impId=v4~~eadc7262-7069-42d2-af44-bcd598bcd833&adsafe_url=https%3A%2F%2Fwww.baixaki.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.tecmundo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:cfc022dc-bbb4-1d21-a6d2-8345d01df9e1,c:ugtumc,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-6z6wl,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:tVU4QON+111%7C1121%7C113*.1526752-72603760%7C12%7C13%7C14%7C15,idMap:113*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:d0fc38b6-858c-11ee-bfdf-da6811c17afb,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 05:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 05:44:07 GMT

GET
H/1.1 200
OK / Show response
p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/ 412 B
566 B 337ms
52ms Fetch
application/json 13.95.152.229
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.95.152.229 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f1c8ccf2c6c00fea2c67436e338a08d5aa7c45720ccf8a9d609859879930d189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 21:03:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Method: GET, OPTIONS

GET
H2 200 B30158606.371294245;dc_ver=99.292;sz=160x600;u_sd=1;dc_adk=3799905114;ord=rkolle;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Deadc7262-7069-42d2-af44-bcd598bcd833%26ag%3Dtcvdzeq%26s... Show response
ad.doubleclick.net/ddm/adj/N238002.2547732PRECISIONDISPLAY/ Frame 30F9 78 KB
33 KB 202ms
92ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N238002.2547732PRECISIONDISPLAY/B30158606.371294245;dc_ver=99.292;sz=160x600;u_sd=1;dc_adk=3799905114;ord=rkolle;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Deadc7262-7069-42d2-af44-bcd598bcd833%26ag%3Dtcvdzeq%26sfe%3D178f5539%26sig%3Dk_tgODef-KHpOFTO8mQFQJon7g8e_n2uYFjBtM8KJLA.%26crid%3D1u4bsv1h%26cf%3D5343417%26fq%3D0%26t%3D1%26td_s%3Dwww.tecmundo.com.br%26rcats%3D%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D142%26agsa%3D%26wp%3DZVfVOQAMN5wKe6AZAACphyWHQbW3rsmMfiDL5w%26rgz%3D48231%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-1712420989769758%26rlangs%3Dpt%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.6200000000000045%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EhZOb3J0aCBSaGluZS1XZXN0cGhhbGlhGgAiCVdhcmVuZG9yZjgBUAGAAQCIAQGQAQGwAQC6AQQIARgEwAHHoAPAAaKfA9ABx6AD2AK0EOACrAL4AgGAAwGIAwGQAwGYAwA.%26dur%3DCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbFZpZXdhYmlsaXR5IhUI-P__________ARIIaW50ZWdyYWwKNgodY2hhcmdlLWFsbEludGVncmFsQnJhbmRTYWZldHkiFQj5__________8BEghpbnRlZ3JhbAo2Ch1jaGFyZ2UtYWxsSW50ZWdyYWxQYWdlUXVhbGl0eSIVCPX__________wESCGludGVncmFsCjcKHWNoYXJnZS1tYXhHcmFwZXNob3RDYXRlZ29yaWVzIhYIrP__________ARIJZ3JhcGVzaG90CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKRwonY2hhcmdlLWFsbElhc0Rpc3BsYXlWaWV3YWJpbGl0eVRyYWNraW5nIhwIpv__________ARINaWFzLXJlcG9ydGluZyoA%26durs%3D93XXYj%26crrelr%3D%26npt%3D%26fpa%3D167%26pcm%3D3%26said%3DkJEW1l%252BC0fVUG%252BnPzMldkA%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCmsEUOdVXZZzvMJnA7gOH04KYAaSjibdc58KD3O0FwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQngAgCoAwHIAwKqBL4CT9DRWVUnDMLUoqnPcLSsQzq-vLfFgwAUVbf3T-EHhnibhQPzyrXEIn7ElgF0iiyK84jlWxbkjTJYMfZHjcC9nhqC-7C6S0eh9y6_UyX6f5snLwAYjzZFuz9OAWSQ8giVR5gfn2zFSK2k77ycwa5rZysvURRgOckvNae43Oq73svKfgWqP9EQ9h7QvwBpd1w_it1stU6MB7tFnRtDEvr9d6aSjCwcn_ZW-yyXSjbOfs05Sp9tsEW9ppqbKaRbUCz7Yr7CU4Sg2euHXQblvpsm7ifxiwh9Y97FFtFj7PxjujxMz3AoOi773dLB6yubqv_7mV3zqOLjAYkahYW7Hei21f8LiRoxD3x-4q4OEDeOFaL2GGafR6WNEJ9QySLM4Re9eYq0GKJPlTVRQESq8181N3aLV7bW77eCoVcoRdHU4AQBgAaq5Jvzk4CwgS6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwiX1sPK98uCAxUZoHsKHYepABPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1GkUk2GIbdO03qvI_iIZz1VaSREA%2526client%253Dca-pub-1712420989769758%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.baixaki.com.br$2,https%3A%2F%2Fwww.tecmundo.com.br%2F$0;xdt=1;crlt=(UipVmYHRT;stc=1;chaa=1;sttr=69;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

4ec7bc84f7402eb4e7d330eea4a51282c0597775942acd4599ae304ced91d5f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33396
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5372 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Sat, 16 Nov 2024 21:03:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 192 KB
53 KB 460ms
459ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3143800575038114&correlator=3791527408238838&eid=31079659%2C31079668%2C31079312%2C31079658%2C31079527%2C31078660&pied=Eh4KHAoaQ092YzNNcjN5NElERlZPOGV3b2R0RndKUnc.&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=36373682%2Ctcm%2Cinternal%2CInterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=9&didk=1038626840&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D5e8f29e7247e2b8b%3AT%3D1700255034%3ART%3D1700255034%3AS%3DALNI_MZQRkMX0XuJcGyw7-b2wP7GjWDlhA&gpic=UID%3D00000ccb70241ea8%3AT%3D1700255034%3ART%3D1700255034%3AS%3DALNI_MZipBmpOz1xvykKkE3xKmU5PF2hCA&abxe=1&dt=1700255034865&lmt=1700255034&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.baixaki.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=29021821.1700255033&ga_sid=1700255033&ga_hid=215414781&ga_fc=true&dlt=1700255030258&idt=3843&cust_params=referer%3Dhttps%253A%252F%252Fwww.baixaki.com.br%252F&adks=2792147645&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5285788583749d8febe815a785d8a784d981036519f143547f2863fe56af54b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53902
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 39 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl_page_level_ads.js?cb=31079658

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 815
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13740
x-xss-protection: 0
server: cafe
etag: 13319621592303420164
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 16 Nov 2024 20:50:19 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 156ms
74ms Preflight
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CRWM1OtVXZevXC9P47gO0uaW4BL2Npq9vj86vrL8OrayDrcwFEAEgwqbWG2CVsqmCsAegAbC6odcDyAEJqQIAdxmc1ESyPuACAKgDAcgDywSqBIUCT9Bw2YxQQyoCw37bly6z87aoH7mETRz2kUM2ikcWFWXRZLLk4eD4et1SIXgS3PpJp7b70b2Vm7RGyLgO9SvKUc7Hmq3IDRIe2qMYA7Mg-sVWhCkm7h9rf_tPnn5hJDgkV_Hc3SKXF19FT8R9fnW75mnHrqvCx0U9Rz4YAZw5OtRS5KcV_HVopMMR7d4S_UqDWpUc1NrxaIHRREj7WXzWQdm4SG_pxOpqV-qpA3RAdrfJ5sQKsRYJD0QvBhMucS5sY2YRapnm-6LQbacybfzVwMD5hoqvvxtu32LCjNcyhGTb5CwwzUX0plO_DUdYfritbP4RKfKVkB_LknO3CSAVgRn4cYeBwASZnqmq4APgBAGIBfjE1Og2kgUECAQYAZIFBAgFGASgBi6AB8X3rT6oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQiJ0G0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliTo9rK98uCA5oJPGh0dHBzOi8vd3d3LmtheWFrLmRlL3NlbWkvZ2RudGV4dC9mbGlnaHRfZ2VuZXJhbC9hbnkvZGUuaHRtbIAKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI1u7ayvfLggMVU7x7Ch20XAlH2BMMiBQC0BUBgBcBshceChwIABIUcHViLTcwMTkwOTEwOTQ4OTYyNjAY0sAW&sigh=s1r_fWXdFKc&uach_m=[UACH]&ase=2&cid=CAQSOwDICaaNlgTI2xS0d556OoIP1qgsnDKotuzH5Sw5A4dB14H8Py1HsRElFVpA-9namtrggy1SDuOZ7mvbGAE&template_id=494&nis=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 21:03:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 5372 4 KB
752 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 19:46:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 21:03:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5372 2 KB
822 B 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:51:29 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5372
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CRWM1OtVXZevXC9P47gO0uaW4BL2Npq9vj86vrL8OrayDrcwFEAEgwqbWG2CVsqmCsAegAbC6odcDyAEJqQIAdxmc1ESyPuACAKgDAcgDywSqBIUCT9Bw2YxQQyoCw37bly6z87aoH7mE...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225952855305177679%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.de%22,%22event_report_window%22:%2225920...

0
0

173ms
79ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225952855305177679%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214631453557654319985%22}&andc=true

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5952855305177679","debug_reporting":true,"destination":"https://kayak.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"14631453557654319985"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 21:03:55 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 21:03:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5952855305177679","debug_reporting":true,"destination":"https://kayak.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"14631453557654319985"}&andc=true
access-control-allow-origin: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5372 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:17:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5372 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:00:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D1A3 1 KB
643 B 41ms
39ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Sat, 18 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5372 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5372 0
0 48ms
47ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQf-ZHEQd3WMHaezZo-KfLENEQp7B61QL0erUzWcpOpxHBhJosgmdURlROzYSTMab_oTj0qzNF2SQ-sM4jGTc-NEEAQ-A
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5372 202 KB
64 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:54 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 5372 37 KB
16 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 09:24:49 GMT

GET
DATA 200
OK truncated
/ Frame 5372 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 5372
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

42ms
40ms

Image
image/png

2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:17:01 GMT
x-content-type-options: nosniff
age: 78414
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 23:17:01 GMT

Redirect headers

date: Thu, 16 Nov 2023 23:17:01 GMT
x-content-type-options: nosniff
server: cafe
age: 78413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 16 Dec 2023 23:17:01 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 9C20 196 KB
56 KB 171ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 02:37:57 GMT
age: 66358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 9C20 15 KB
5 KB 268ms
141ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 Nov 2023 05:14:53 GMT
age: 316142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Nov 2024 05:14:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 9C20 95 KB
29 KB 255ms
128ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 03:53:12 GMT
age: 61843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 9C20 5 KB
2 KB 253ms
125ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 01:14:32 GMT
age: 71363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 9C20 40 KB
13 KB 242ms
115ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 14:54:32 GMT
age: 108563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Nov 2024 14:54:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9C20 6 KB
779 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 21:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 19:43:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 21:03:54 GMT

GET
H3 200 container.html Show response
ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EAFB 6 KB
3 KB 42ms
42ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Sat, 16 Nov 2024 21:03:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA2E 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Sat, 16 Nov 2024 21:03:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A521 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Sat, 16 Nov 2024 21:03:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9C20 3 KB
3 KB 40ms
39ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:32:47 GMT
x-content-type-options: nosniff
server: cafe
age: 59468
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sat, 18 Nov 2023 04:32:47 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9C20 344 B
368 B 41ms
40ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 29683
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 18 Nov 2023 12:49:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9C20 0
0 48ms
46ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBCnA-Fgb6RoTsUFj1g4yQtcF9wKxW-hS2KYtMLhcF448heByRKJtQW6yiRBumxhF-_tRAMcL_NgmoEKXV3CnekBFZoA
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9C20 0
0 82ms
81ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4vNsOtVXZezXC9P47gO0uaW4BLv62Z1069aavqcS9veOmK1BEAEgwqbWG2CVsqmCsAegAaiS1r8DyAEJqQJYc0eUhZmDPuACAKgDAcgDCqoE_wFP0OBa4x91Rf3IxE42xZM6R9ndBpo2miKpdoF7y8TtjV3f6a08nA_pK77gkLDSbQdsSXZLw9EuVZROaxdy3pWTMQAJMf_AJqsT2hBWHLaoY7QHP2xOZS4BHIUULJP2a9dKOvv3nR4AGlot6SKZQ-difo5ct6nLrsII3DmMveqeTsl0VgKT5NiwJAcmpt9fsWYI5Lg-mq0Od2pk0MCigX0hYy-L5h1byoJidh423Ksva9vVORIQvcsd2WwmJUOhmA_4hVqhBQIGPd8FF2hD6erDb2qFpZOwNGLOtJ1Z3Be56jW3yk5xu-cjakPB1vS0y8lQ0wmfn80K9HUJ4pdaZXPABOWvsti8BOAEAYgFjsnVpk2gBi6AB-PjzDSoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCciQvSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WJOj2sr3y4IDmgmGAWh0dHBzOi8vd3d3LmJvb3p0LmNvbS9kZS9kZS9kYW1lbm1vZGUvYmxhY2stZnJpZGF5P3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249ZGVfZ29vZ2xlZGlzcGxheV9ibGFja2ZyaWRheV8yMDIzgAoDyAsBogwQKg4KDOS0sQLutbECtbixAuINEwjX7trK98uCAxVTvHsKHbRcCUe4E-QD2BMDiBQF0BUBmBYBgBcBshceChwIABIUcHViLTcwMTkwOTEwOTQ4OTYyNjAY0sAW&sigh=MGlpQmeqLOk&uach_m=[UACH]&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSOwDICaaNlgTI2xS0d556OoIP1qgsnDKotuzH5Sw5A4dB14H8Py1HsRElFVpA-9namtrggy1SDuOZ7mvbGAE&template_id=484
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 47AF 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:16:17 GMT

GET
H3 200 1786844794747001316
tpc.googlesyndication.com/simgad/ Frame 9C20 5 KB
5 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1786844794747001316?w=195&h=102&tw=1&q=75

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37b84d35fd0bc35585312a9269873024faf7fe4c6d28cf3ee30f42b3460c7af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:37:30 GMT
x-content-type-options: nosniff
age: 15985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5350
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 16:29:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 16:37:30 GMT

GET
H3 200 17917038875666433235
tpc.googlesyndication.com/simgad/ Frame 9C20 1 KB
1 KB 47ms
47ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17917038875666433235?w=100&h=100&tw=1&q=75

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6e10d37aa93c7523e8563d83e3648ab8a47f03dc54e5b8486232251422522eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:06:30 GMT
x-content-type-options: nosniff
age: 140245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1108
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 12:20:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 06:06:30 GMT

GET
DATA 200
OK truncated
/ Frame 9C20 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7fe0c432d69abfce18ae5ed5e7cba031998da11bbc7aac438a73f40e5925f1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9C20 15 KB
16 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 15874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 16:39:21 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9C20 15 KB
15 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 20460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 15:22:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9C20 15 KB
15 KB 56ms
56ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options: nosniff
age: 336824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 23:30:11 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 30F9 111 KB
39 KB 168ms
39ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
Origin: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 05:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:44:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 30F9 11 KB
4 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N238002.2547732PRECISIONDISPLAY/B30158606.371294245;dc_ver=99.292;sz=160x600;u_sd=1;dc_adk=3799905114;ord=rkolle;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Deadc7262-7069-42d2-af44-bcd598bcd833%26ag%3Dtcvdzeq%26sfe%3D178f5539%26sig%3Dk_tgODef-KHpOFTO8mQFQJon7g8e_n2uYFjBtM8KJLA.%26crid%3D1u4bsv1h%26cf%3D5343417%26fq%3D0%26t%3D1%26td_s%3Dwww.tecmundo.com.br%26rcats%3D%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D142%26agsa%3D%26wp%3DZVfVOQAMN5wKe6AZAACphyWHQbW3rsmMfiDL5w%26rgz%3D48231%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-1712420989769758%26rlangs%3Dpt%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.6200000000000045%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EhZOb3J0aCBSaGluZS1XZXN0cGhhbGlhGgAiCVdhcmVuZG9yZjgBUAGAAQCIAQGQAQGwAQC6AQQIARgEwAHHoAPAAaKfA9ABx6AD2AK0EOACrAL4AgGAAwGIAwGQAwGYAwA.%26dur%3DCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbFZpZXdhYmlsaXR5IhUI-P__________ARIIaW50ZWdyYWwKNgodY2hhcmdlLWFsbEludGVncmFsQnJhbmRTYWZldHkiFQj5__________8BEghpbnRlZ3JhbAo2Ch1jaGFyZ2UtYWxsSW50ZWdyYWxQYWdlUXVhbGl0eSIVCPX__________wESCGludGVncmFsCjcKHWNoYXJnZS1tYXhHcmFwZXNob3RDYXRlZ29yaWVzIhYIrP__________ARIJZ3JhcGVzaG90CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKRwonY2hhcmdlLWFsbElhc0Rpc3BsYXlWaWV3YWJpbGl0eVRyYWNraW5nIhwIpv__________ARINaWFzLXJlcG9ydGluZyoA%26durs%3D93XXYj%26crrelr%3D%26npt%3D%26fpa%3D167%26pcm%3D3%26said%3DkJEW1l%252BC0fVUG%252BnPzMldkA%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCmsEUOdVXZZzvMJnA7gOH04KYAaSjibdc58KD3O0FwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQngAgCoAwHIAwKqBL4CT9DRWVUnDMLUoqnPcLSsQzq-vLfFgwAUVbf3T-EHhnibhQPzyrXEIn7ElgF0iiyK84jlWxbkjTJYMfZHjcC9nhqC-7C6S0eh9y6_UyX6f5snLwAYjzZFuz9OAWSQ8giVR5gfn2zFSK2k77ycwa5rZysvURRgOckvNae43Oq73svKfgWqP9EQ9h7QvwBpd1w_it1stU6MB7tFnRtDEvr9d6aSjCwcn_ZW-yyXSjbOfs05Sp9tsEW9ppqbKaRbUCz7Yr7CU4Sg2euHXQblvpsm7ifxiwh9Y97FFtFj7PxjujxMz3AoOi773dLB6yubqv_7mV3zqOLjAYkahYW7Hei21f8LiRoxD3x-4q4OEDeOFaL2GGafR6WNEJ9QySLM4Re9eYq0GKJPlTVRQESq8181N3aLV7bW77eCoVcoRdHU4AQBgAaq5Jvzk4CwgS6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwiX1sPK98uCAxUZoHsKHYepABPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1GkUk2GIbdO03qvI_iIZz1VaSREA%2526client%253Dca-pub-1712420989769758%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.baixaki.com.br$2,https%3A%2F%2Fwww.tecmundo.com.br%2F$0;xdt=1;crlt=(UipVmYHRT;stc=1;chaa=1;sttr=69;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:35:01 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 30F9 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10727
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 18:05:08 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EAFB 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHpsqOtVXZe3XC9P47gO0uaW4BMme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBP4BT9A2RUJJvuI63WY4f2E1-sRQ51Rli6uMaYr4g3UD69_eh1btdEABT65kJtuoxm8maIlAasMUfBEfMJ4iE-MnVZOeP0VH7jdyCFatK3ErS52dHc3Po0Qc-TEphfa2xdXei_SC1O3yyc1ThsxZm5_Zxn4dylV7bMfl4wgR0OlBZJ0xewueM85692MVOWW8uSP74xbNHrFxy9Dsy5tVFxc07AmkZiHODjR-5aN4uoCvDY8XrTrWLSSF7L3tzoE0X_CSDm_Yq5DyVWCuPkQrq1hASpvGQHsqLVsudlpS0ugD1urULHA2KqgpGzFw8NDWYfN3Yrt3Z3F36Vas-_nlO0vgBAGABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk6PayvfLggOACgP6CwIIAYAMAeINEwjY7trK98uCAxVTvHsKHbRcCUfQFQGAFwGyFxwKGhIUcHViLTE3MTI0MjA5ODk3Njk3NTgY0sAW&sigh=oZydmpL33q4&uach_m=[UACH]&cid=CAQSOwDICaaNlgTI2xS0d556OoIP1qgsnDKotuzH5Sw5A4dB14H8Py1HsRElFVpA-9namtrggy1SDuOZ7mvbGAE
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame EAFB 0
0 149ms
49ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kOz_GOv_CsoH-gGdg2ICAgAAAB9WbrxBItW6EDnVV2WlsDF4-M3_wtJFAAASAAAKCkFRVUREd0VCRHc&wp=ZVfVOgAC6-0Ke7xTAAlctK8LkLPx2kKAi2IAvQ

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 151673
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 829D 212 KB
61 KB 109ms
108ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVfVOgAC6-0Ke7xTAAlctK8LkLPx2kKAi2IAvQ&u=%7CM4oPt2nQRDwUMAMgWAZ9LS%2FAp3%2FM9yUHKDCXrNUZBZU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF6S88U_parnddOln9oo_0N6JiK1k4rFtTc2HkATgykOlcU4lDaIvienmNZK933_AAgtp-3PVjJW6IbZL5mq8_As_WT5vPwOM_S7zI_EeE7q_sl-1O-sYrWKXUrgWdZFV3TorAGbXJQNgHfw4MfY-7lusBqsZDLuC8Wa7gOSieQkykiYI-rAO-FRWxVBak3HK99M10ticQqkXeBodATi361G3rq6F1oYwQ5EtrczvAiiQawtHYXnQ_a3Rsbl-wB3TqTapzWpgkTXlCLwRhr2tJzdil94jbBVAZmqEqY9O5yeF4FEjjPoLgEqrVH4J1nx8jKPpTA7vthNiTkANmwdy2-9hs7nX7pZwLO2Mmw-KtN9J2DNLHe15jZKBt2rFKKPmRc-9jCAD_2dRiZPLnjtQKVws4cRwGX-bz7Bvy4lqx9_PaYRWwjBEbS2DccG8KFhvQzRpPz4tVvsldPiQbpBHrMvxdY27S-BDQL_nuldkJ1_TQ61LKtullWOkeA2v29iRDEQ-CNbQKl-MdiOmPbeRdqRRD1Zh1QhNPurlGx1mGmIg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8Pp9OtVXZe3XC9P47gO0uaW4BMme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBIECT9A2RUJJvuI63WY4f2E1-sRQ51Rli6uMaYr4g3UD69_eh1btdEABT65kJtuoxm8maIlAasMUfBEfMJ4iE-MnVZOeP0VH7jdyCFatK3ErS52dHc3Po0Qc-TEphfa2xdXei_SC1O3yyc1ThsxZm5_Zxn4dylV7bMfl4wgR0OlBZJ0xewueM85692MVOWW8uSP74xbNHrFxy9Dsy5tVFxc07AmkZiHODjR-5aN4uoCvDY8XrTrWLSSF7L3tzoE0X_CSDm_Yq5DyVWCuPkQrq1hASpvGQHsqLVsuNFhzQGiQBtdy_FfspojAvz9X-mbcT-v11nNKwYPI93q0YzNxG6Le6QfgBAGABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk6PayvfLggP6CwIIAYAMAeINEwjY7trK98uCAxVTvHsKHbRcCUfQFQGAFwE%26num%3D1%26sig%3DAOD64_0Wm_voKbfCCZwR3HzoU6LakXIqcA%26client%3Dca-pub-1712420989769758%26adurl%3D

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9b91d7026d148839292a081a301b211557af448b4bc5b4c638c8b8681bed6c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=T7Igj1GlVMGrqaA9XsJ-RD3m7Kr4OlZRi9wzWFkYgdE097A2tDhzp61I5lBTw4qvd5Dt2OHgD4JpwCEt9oP8wfsio1E5X8exFzB0R_Aa2Xi1mxTpdzmSFAPoN6uzDzn60oQ2w-7DUR8wjw3jV1yBAkU6ddTAl1zL9oEzwY1vx-Y69QD-hOROzMUOLutD7iG3m0ud7z7BxOHJVFZ2pY0wBugX5kwDq94KnSNTmzRCQxbzv-NStkVZjG4PylT6l6UtB-iWvw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 60053056
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EAFB 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:00:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 84ED 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Sat, 18 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EAFB 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EAFB 0
0 50ms
50ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDx-rDoCUGyQBIe0XpbU1zX3cpGFdbyk5cTihFybjYHdYZmqaq5lOBwsseUHy1JKW8QndQtfjwomvZzVPTVKJcoX9Dbg
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EAFB 24 KB
6 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EAFB 202 KB
64 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:55 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AA2E 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBezkOtVXZe7XC9P47gO0uaW4BMme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBPUBT9DkE2HjsarHEyFLy4pk_EvgA8QztkZho5a8FBjCRb20xra36bTmJAmtKzHdrHOR-wgfMA_-DEXuLc0o2MZfT8KiJtuNJJNNfybxp4b_5iw5nIXKu6qcsFaJ78n6oLeJpaGe6UUXTbV9Ik7zfbJPDLiO58TRnogPidDd-sl9XiUHZML-xSQt8_4InW895IKXJG9TWv9Z2Xe9JlPuu7yQ-99xpXj-Dy5t8gt4tY8z8P1Y3wk79fUlVoigGlpc_n9OvVlqQLC1tFrGcMQ5GmNfYTJktN7cBdxPr5uFhuxWVLpNquPnO3rLWwddl-TagQxDkF4wSz7gBAGABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk6PayvfLggOACgP6CwIIAYAMAeINEwjZ7trK98uCAxVTvHsKHbRcCUfQFQGAFwGyFxwKGhIUcHViLTE3MTI0MjA5ODk3Njk3NTgY0sAW&sigh=fqqcbxuZMO0&uach_m=[UACH]&cid=CAQSOwDICaaNlgTI2xS0d556OoIP1qgsnDKotuzH5Sw5A4dB14H8Py1HsRElFVpA-9namtrggy1SDuOZ7mvbGAE
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame AA2E 0
0 85ms
43ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kOz_GI-lBKwC2ASdg2ICAgAAAB9WbrxBItW6EDnVV2WvuM0jM9gVPpwAAAASAAAKCkFRVUJBUUVCQVE&wp=ZVfVOgAC6-4Ke7xTAAlctCqmk-eQyxmqMmgnug

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 206780
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6904 200 KB
59 KB 136ms
133ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVfVOgAC6-4Ke7xTAAlctCqmk-eQyxmqMmgnug&u=%7CM4oPt2nQRDwBrEhK7DEBCgJlfetoHb4xUeoib3%2Bw%2FzI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1H2d8JJFfC7T9me-4wJNNusvUNPP9daZQXaZ7kwzz8hDu9ber1QMpN4Yishz-5XfnV7o-pzCL4grgCo6uw6rHIc9BYzFrXTbk74xHfAGXAheWFr8vBoMQIPeACwnIQavGBmkj3i9iCQdA1dM-RxH3I9kNC5RiYAFcomZ0UiWA5ilTOXmLBpGl1xF4ARJmSV6eFOfNXYBEcVJWU7zrfV1gdT4fiJfvTeKtaup1J1o1Te7osL2W0EgQtc8oYqM-7gCAWBvfjpNCg7uJxizOXpV-07FW52hRSB8BEo1oK8AFa32qAQunGxRHX1NB--6l77sDdfwf_ClC0FnGJRgazv6MizFtqnSc39QPHH0Ylkq_QER26hefHaeWD_fcfVEQ3iqkfOnwwDJELTaSlHG7VZdfOWGfliUZEzhy5YuPZoN6O_xG6LvtnnkQVip-YP29Wi0XTrHXmKQe1o9q9OJEjnSEPAyV0N-n7ygy4Py2rm3L88NehqXKk3-SCiv8MWgClz0BApADB4uOSsL2cXj5Ip5q6NSVvyT0luSIIoXXSq0k1gCd9yJkpRIq7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0qmOtVXZe7XC9P47gO0uaW4BMme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBPgBT9DkE2HjsarHEyFLy4pk_EvgA8QztkZho5a8FBjCRb20xra36bTmJAmtKzHdrHOR-wgfMA_-DEXuLc0o2MZfT8KiJtuNJJNNfybxp4b_5iw5nIXKu6qcsFaJ78n6oLeJpaGe6UUXTbV9Ik7zfbJPDLiO58TRnogPidDd-sl9XiUHZML-xSQt8_4InW895IKXJG9TWv9Z2Xe9JlPuu7yQ-99xpXj-Dy5t8gt4tY8z8P1Y3wk79fUlVoigGlpc_n9OvVlqQLC1tFrGcMQ5GmNfIzBFJl5P1eHpf7xfCsy_8LRqoFXtFWJJ789gMRZlnyBbCJSka9dUMaXgBAGABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk6PayvfLggP6CwIIAYAMAeINEwjZ7trK98uCAxVTvHsKHbRcCUfQFQGAFwE%26num%3D1%26sig%3DAOD64_25paL4l2cN8k5z1enl1Swr9vKdNA%26client%3Dca-pub-1712420989769758%26adurl%3D

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

935cf9b64b9d350194cee0bbd201b860d26be30b242411bab2d1fe9fc4be6092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qj78QlGlVMGrqaA9hXWDAz-EWRTnp6P9mhSy_8IjqwEZIldDAszmR7Z1VMsuWsc7B-QcAlP3YScg3au289pv3P5wVJ8NM8RGxqTta9yH_oE-0JsBD3WmkIClr1XlFKiryPNUHDf8BRFNweadubgBxdKR-HJNBed1JzJPktPb8JU2G9Ej5kOXC3OWkMa5iSKhO-OQob_9yQMOB6f01phI4lk0BoVCiSvw82Pambkn5DdsC0uzpuZNI7W3mumzdWLwoPvsGQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 73195692
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AA2E 3 KB
1 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:00:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CCDA 1 KB
643 B 46ms
44ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Sat, 18 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AA2E 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AA2E 0
0 50ms
49ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2-q4oc2A5d2pCZs7EGl8EhJCGd-Z3jzMJiEqqzHhqtvAdVH67aAX3iOxYmGBP8JNgglbKcId7rmNQOVK7SB4yaDnEWw
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AA2E 24 KB
6 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA2E 202 KB
64 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:55 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A521 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cjae2OtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT0AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljyvF2d9e99QbNlNJJ27bJS6n9MQljA9XVIeuVMtDtLlyUZQSr-5ngBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA4AKA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAbIXHAoaEhRwdWItMTcxMjQyMDk4OTc2OTc1OBjSwBY&sigh=M7CLc424g-U&uach_m=[UACH]&cid=CAQSOwDICaaNlgTI2xS0d556OoIP1qgsnDKotuzH5Sw5A4dB14H8Py1HsRElFVpA-9namtrggy1SDuOZ7mvbGAE
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame A521 0
0 145ms
50ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kmmyvzyxfcwmadmtkyb1nm57ekq58sqmqrmpvzvyy6zken9ttm0tgxm283x34qtpewar2ez6sk64wjky996r6y9bc4pgr288rnryd2vfcnrtxcmxm8dqgepxtxgymaxp5gxt654f7g0rfc58m3pf95t7vhweaj4q7x5f4b1hzayvzh8x0qtxyqnb0p4p69b15tjf58kwjwb2zh6c8pb4mgkw2tpf3gw0bc3qrkdh9k453bx0z7xhnteahma2bepr3a8q56j2ak00svknq4mg86nad8e91mcxa41a8yv6ewf2y4vxgt30amybe5mk3mztbhghq25s6ymwdy7t021g133fvtzf9c5gm58e2mcekc06j65nnmr0kkp5e8mwn2n1z3np3tzdr&b=ZVfVOgAC6-8Ke7xTAAlctFvUmiYXt-q82d-t3A
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 21:03:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame AB32 2 KB
3 KB 173ms
69ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gpgh5xk4eqwne1hg0k219rzr0avmfj1r3qf16c025dx9e12nta1k0z8aamfbpgznvbdmd39vdmm27x0mgqwbcy8zgyqx7yytxwb2nwkw1aqbtgphv03b391re7ykvecz1yt4fbmc58k4bzm98hcv2rybbn1sht6jfbz65vsdy21666wf6hwzqxqrmdqfh3jjn7vs819fs3yvxsb5z1htegah6eem8s48f6af5gg96czn96g9fds6kv96h5bbkwdg3sqy1dehpyw53m4j6gjwpx8kph2jpss3ma00t7n72rzten1df503tthf0trpgpskx85bgxcsa64hc54je7x187ym93f6e5yfhwm1pvcq3yabx7ndd5by8bdg7qahg2t0yfsx020kq4cgjs9gw8qn8fy5ya1xcmv8qb9hw727v55srdbr6c12&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%26client%3Dca-pub-1712420989769758%26adurl%3D

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3cf185f710fb08ab65510ba64c20ff8d68146350398c41c5bf5144a35a89470

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 827aec52abfb9a3f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A521 3 KB
1 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:00:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F538 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Sat, 18 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A521 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A521 0
0 47ms
46ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmtVneDPS7MC1h9OyRtr3QhJQkBlc--x4w5Tob5Lc3z4m5LS0mYH_3UmhW_MTj-877RLtfJvU7SvJN59RRTaJTK5WNxg
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A521 24 KB
6 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A521 202 KB
64 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:55 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D1A3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBLYZZJw1U3SyW1c7W5_rRk&google_cver=1&google_push=AXcoOmQhlXZqzlS8cFTDc_cjwJK5DQnxabR6RKxLsvGzXEfsEdxD7O0OeXTw71UU5SzuZyyeh8zXM2MznGh3sJEixhMtIrOzyI2b&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLYZZJw1U3SyW1c7W5_rRk&google_cver=1&google_push=AXcoOmQhlXZqzlS8cFTDc_cjwJK5DQnxabR6RKxLsvGzXEfsEdxD7O0OeXTw71UU5SzuZyyeh8zXM2MznGh3sJEixhMtIrOzyI2...

43 B
420 B

224ms
205ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLYZZJw1U3SyW1c7W5_rRk&google_cver=1&google_push=AXcoOmQhlXZqzlS8cFTDc_cjwJK5DQnxabR6RKxLsvGzXEfsEdxD7O0OeXTw71UU5SzuZyyeh8zXM2MznGh3sJEixhMtIrOzyI2b&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQhlXZqzlS8cFTDc_cjwJK5DQnxabR6RKxLsvGzXEfsEdxD7O0OeXTw71UU5SzuZyyeh8zXM2MznGh3sJEixhMtIrOzyI2b%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 827aec54584c1992-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 307
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLYZZJw1U3SyW1c7W5_rRk&google_cver=1&google_push=AXcoOmQhlXZqzlS8cFTDc_cjwJK5DQnxabR6RKxLsvGzXEfsEdxD7O0OeXTw71UU5SzuZyyeh8zXM2MznGh3sJEixhMtIrOzyI2b&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQhlXZqzlS8cFTDc_cjwJK5DQnxabR6RKxLsvGzXEfsEdxD7O0OeXTw71UU5SzuZyyeh8zXM2MznGh3sJEixhMtIrOzyI2b%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 827aec52ae3e1992-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D1A3
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEG1Z6KWLC_FLlykk2nrAR30&google_cver=1&google_push=AXcoOmRyNKGdJPpS4hnaQL81ljnBEMgTR-l9_qbP_buzXlNERNIYi8Wdb2YLPILxYKobBJ-pHwFttM5UoVHgMdj_jx9WE-Yi1f0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34EC05656B0D485CBCF49A4ACF2D99CF&google_push=AXcoOmRyNKGdJPpS4hnaQL81ljnBEMgTR-l9_qbP_buzXlNERNIYi8Wdb2YLPILxYKobBJ-pHwFttM5UoVHgMdj...

170 B
232 B

51ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34EC05656B0D485CBCF49A4ACF2D99CF&google_push=AXcoOmRyNKGdJPpS4hnaQL81ljnBEMgTR-l9_qbP_buzXlNERNIYi8Wdb2YLPILxYKobBJ-pHwFttM5UoVHgMdj_jx9WE-Yi1f0

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34EC05656B0D485CBCF49A4ACF2D99CF&google_push=AXcoOmRyNKGdJPpS4hnaQL81ljnBEMgTR-l9_qbP_buzXlNERNIYi8Wdb2YLPILxYKobBJ-pHwFttM5UoVHgMdj_jx9WE-Yi1f0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 16 Nov 2023 21:03:55 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D1A3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN4DWPTsg2EVOOpC8LbRfco&google_cver=1&google_push=AXcoOmSNeZqOOpgUV3KafQ5sOrL74UZMmXDt9-zxcUiny2uD_tydH8hqpCURZFtdnVaf2qghtZteiBeF8UBIV-...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmSNeZqOOpgUV3KafQ5sOrL74UZMmXDt9-zxcUiny2uD_tydH8hqpCURZFtdnVaf2qghtZteiBeF8UBIV-2xzy...

170 B
329 B

51ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmSNeZqOOpgUV3KafQ5sOrL74UZMmXDt9-zxcUiny2uD_tydH8hqpCURZFtdnVaf2qghtZteiBeF8UBIV-2xzyRjZ6lufTKC

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmSNeZqOOpgUV3KafQ5sOrL74UZMmXDt9-zxcUiny2uD_tydH8hqpCURZFtdnVaf2qghtZteiBeF8UBIV-2xzyRjZ6lufTKC
Date: Fri, 17 Nov 2023 21:03:55 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame D1A3 43 B
363 B 136ms
38ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTGB-gvjK9S1a1NRooyjTT1YMJz95jKlTHJBBhK4BTbYippNs2F9uS5qOyPPnCJnv3tzvt_EQrP1OFa-sF-6S_IKvVHEkpP&google_gid=CAESEBC9E6hm_kBgzWAcSI-ZJU0&google_cver=1

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 190748
expires: Fri, 17 Nov 2023 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D1A3 0
166 B 166ms
42ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAe27HK9sIXifp4DHDauIps&google_cver=1&google_push=AXcoOmR4NAlv7gFHvoeSgB7LjkZQepUz691Nw5o8zJJy86sjpFiss-3CbLS1hUeH0mefZClRrLaPqzNSRbyhKM-RPhqkB32ghThB
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 17 Nov 2023 21:03:54 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 ebda
match.360yield.com/match/ Frame D1A3 43 B
199 B 251ms
109ms Image
image/gif 54.154.243.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEPkzLAkcvZABn67-v8Nq4Ro&google_cver=1&google_push=AXcoOmSMA5kbkzAmIb5qihL9NMwUP9jMYerBqWBubAdOeI_aDChVqSgze-fs9-Y7JOLyK9dqo5hhyTHLc3a5sDDLawE-TrOYAp4
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.154.243.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-243-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 21:03:55 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame D1A3 0
44 B 578ms
50ms Image
text/plain 217.182.178.229
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELDjlwttPS9yf9Dg5AnWsDY&google_cver=1&google_push=AXcoOmTWbpuXeiYd0TjA-60aNuHMbFZdbShI1kc5tD9b0YVv_-VvmCH-Svp05iXCwUveBFnxkX9SNoYTmm0IM2Wfny7lMZz-C11b
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.229 , France, ASN16276 (OVH, FR),
Reverse DNS: ip229.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D1A3 0
130 B 148ms
46ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBgdH7LITV2lTvO4WnIeVq09QLT5fT3eLYs15wh2rcF1SCQixuaR3taRQIFxhhDv2EiKin

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 main.19.8.460.js Show response
static.adsafeprotected.com/ Frame 30F9 212 KB
66 KB 57ms
48ms Script
application/javascript 2600:9000:20ab:c800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.460.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=923116&advId=tk3qp9q&campId=bnzq4wb&chanId=tcvdzeq&placementId=1u4bsv1h&pubId=&bidurl=www.tecmundo.com.br&uId=null&impId=eadc7262-7069-42d2-af44-bcd598bcd833&planId=google&adsafe_par
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:c800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbba7a0a828407bde3a0515ca668d1ef40acc6af29aab00fc406e09cca057b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:27:06 GMT
x-amz-version-id: j9JzYHB_H4GBzJz8aV8.4QtGR1pgZCoW
content-encoding: gzip
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 279410
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Nov 2023 22:15:44 GMT
server: AmazonS3
etag: W/"4d9d0e864ab105d8059c18b98a69d851"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: AHEcDETg1dtbadC-tKoVtbDFnD2pkypBJOUwGz_p3Qm8ZWN1-z03dw==

GET
DATA 200
OK truncated
/ Frame 5372 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2edf76fbedd3d7a450d861116529acee04cae81ee0e3b2e8fa44869f91653d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 188ms
77ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 21:03:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 30F9 43 B
215 B 118ms
117ms Image
image/gif 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=cfc022dc-bbb4-1d21-a6d2-8345d01df9e1&tv=%7Bc:ugtuxO,pingTime:-10,time:739,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700255035264%7C%7Ce1a443033d3e5ae9502553b969484bf0%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C43494bcc6cc147e31e6ef5b766bf59b9%7C%7C2c36dab655b72b1ce7ef485824a9a9a8%7C%7C11ed9242bbf9c12e07f2f143562a6a5b%7C%7C4786a76e78779ec73ca1e0b67582c9ba%7C%7Cd96a7cb210b7b43d30328aef3fa38636%7C%7C1663701684%7D
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 829D 2 KB
1 KB 47ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVfVOgAC6-0Ke7xTAAlctK8LkLPx2kKAi2IAvQ&u=%7CM4oPt2nQRDwUMAMgWAZ9LS%2FAp3%2FM9yUHKDCXrNUZBZU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF6S88U_parnddOln9oo_0N6JiK1k4rFtTc2HkATgykOlcU4lDaIvienmNZK933_AAgtp-3PVjJW6IbZL5mq8_As_WT5vPwOM_S7zI_EeE7q_sl-1O-sYrWKXUrgWdZFV3TorAGbXJQNgHfw4MfY-7lusBqsZDLuC8Wa7gOSieQkykiYI-rAO-FRWxVBak3HK99M10ticQqkXeBodATi361G3rq6F1oYwQ5EtrczvAiiQawtHYXnQ_a3Rsbl-wB3TqTapzWpgkTXlCLwRhr2tJzdil94jbBVAZmqEqY9O5yeF4FEjjPoLgEqrVH4J1nx8jKPpTA7vthNiTkANmwdy2-9hs7nX7pZwLO2Mmw-KtN9J2DNLHe15jZKBt2rFKKPmRc-9jCAD_2dRiZPLnjtQKVws4cRwGX-bz7Bvy4lqx9_PaYRWwjBEbS2DccG8KFhvQzRpPz4tVvsldPiQbpBHrMvxdY27S-BDQL_nuldkJ1_TQ61LKtullWOkeA2v29iRDEQ-CNbQKl-MdiOmPbeRdqRRD1Zh1QhNPurlGx1mGmIg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8Pp9OtVXZe3XC9P47gO0uaW4BMme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBIECT9A2RUJJvuI63WY4f2E1-sRQ51Rli6uMaYr4g3UD69_eh1btdEABT65kJtuoxm8maIlAasMUfBEfMJ4iE-MnVZOeP0VH7jdyCFatK3ErS52dHc3Po0Qc-TEphfa2xdXei_SC1O3yyc1ThsxZm5_Zxn4dylV7bMfl4wgR0OlBZJ0xewueM85692MVOWW8uSP74xbNHrFxy9Dsy5tVFxc07AmkZiHODjR-5aN4uoCvDY8XrTrWLSSF7L3tzoE0X_CSDm_Yq5DyVWCuPkQrq1hASpvGQHsqLVsuNFhzQGiQBtdy_FfspojAvz9X-mbcT-v11nNKwYPI93q0YzNxG6Le6QfgBAGABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk6PayvfLggP6CwIIAYAMAeINEwjY7trK98uCAxVTvHsKHbRcCUfQFQGAFwE%26num%3D1%26sig%3DAOD64_0Wm_voKbfCCZwR3HzoU6LakXIqcA%26client%3Dca-pub-1712420989769758%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 829D 2 KB
1 KB 43ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 829D 308 B
636 B 48ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 829D 293 B
621 B 48ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 829D 43 B
347 B 42ms
42ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=W3C1wlyemZjq7lQL1iOz-FzEELdqXrNHtxJQ84JGL5qLVq03Kjc3ogD0JpoCU3ifja70m5PkPah3Rl9OOS4-Frg2mIqe4tic-L1CN2Dd4_xd8KH7NZwonlpdDFKiVvzkyFh-nKR_mtrv-iOl3wKcU3MpruamX5dXddj9s4vyRqk2O3hvZFqnHSjvt4ERBoLFFjJqDQNwepu98cz_co0E1bWOmRcw5APU3GvcSB38GbNfE6ME_RaU8ZntMOI9qdtb207mPIYaVFxDLY5nQ82zXKS3OV49A15pIRj47RhULhUkxzeBxi6Jz-k7k6g9Ypag3S4KuMrXyx0mK3k3v4l7L6TGNR0DC9WBvCZEZLvtD2zIBIE75kTx5Ot50hTC5SK73vhKccWp2Fs3NMFWox-0Rg3Zc9DFMJdsqHMgNTJXKjWDBvhuVJYBLNBYOSt8LJ691ex8yQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1868380
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6904 2 KB
1 KB 43ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVfVOgAC6-4Ke7xTAAlctCqmk-eQyxmqMmgnug&u=%7CM4oPt2nQRDwBrEhK7DEBCgJlfetoHb4xUeoib3%2Bw%2FzI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1H2d8JJFfC7T9me-4wJNNusvUNPP9daZQXaZ7kwzz8hDu9ber1QMpN4Yishz-5XfnV7o-pzCL4grgCo6uw6rHIc9BYzFrXTbk74xHfAGXAheWFr8vBoMQIPeACwnIQavGBmkj3i9iCQdA1dM-RxH3I9kNC5RiYAFcomZ0UiWA5ilTOXmLBpGl1xF4ARJmSV6eFOfNXYBEcVJWU7zrfV1gdT4fiJfvTeKtaup1J1o1Te7osL2W0EgQtc8oYqM-7gCAWBvfjpNCg7uJxizOXpV-07FW52hRSB8BEo1oK8AFa32qAQunGxRHX1NB--6l77sDdfwf_ClC0FnGJRgazv6MizFtqnSc39QPHH0Ylkq_QER26hefHaeWD_fcfVEQ3iqkfOnwwDJELTaSlHG7VZdfOWGfliUZEzhy5YuPZoN6O_xG6LvtnnkQVip-YP29Wi0XTrHXmKQe1o9q9OJEjnSEPAyV0N-n7ygy4Py2rm3L88NehqXKk3-SCiv8MWgClz0BApADB4uOSsL2cXj5Ip5q6NSVvyT0luSIIoXXSq0k1gCd9yJkpRIq7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0qmOtVXZe7XC9P47gO0uaW4BMme0rFc1Z2R93DAjbcBEAEgAGCVsqmCsAeCARdjYS1wdWItMTcxMjQyMDk4OTc2OTc1OMgBCakCAHcZnNREsj7gAgCoAwHIAwKqBPgBT9DkE2HjsarHEyFLy4pk_EvgA8QztkZho5a8FBjCRb20xra36bTmJAmtKzHdrHOR-wgfMA_-DEXuLc0o2MZfT8KiJtuNJJNNfybxp4b_5iw5nIXKu6qcsFaJ78n6oLeJpaGe6UUXTbV9Ik7zfbJPDLiO58TRnogPidDd-sl9XiUHZML-xSQt8_4InW895IKXJG9TWv9Z2Xe9JlPuu7yQ-99xpXj-Dy5t8gt4tY8z8P1Y3wk79fUlVoigGlpc_n9OvVlqQLC1tFrGcMQ5GmNfIzBFJl5P1eHpf7xfCsy_8LRqoFXtFWJJ789gMRZlnyBbCJSka9dUMaXgBAGABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk6PayvfLggP6CwIIAYAMAeINEwjZ7trK98uCAxVTvHsKHbRcCUfQFQGAFwE%26num%3D1%26sig%3DAOD64_25paL4l2cN8k5z1enl1Swr9vKdNA%26client%3Dca-pub-1712420989769758%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6904 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6904 308 B
636 B 44ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6904 293 B
621 B 43ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6904 43 B
347 B 42ms
42ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=flrhZqvIuY84Gz6LpYItE3diAs1CgTaqwtpLRs6ORafVr9hMIQguRiUBR5GlONK4qCr6DagfcnmVxeW5mD0q5HxxEEGNAJ9t4-xOVTUOVG4NTQUhnisMlbzKQSf7DL9pVerIauoWv1I93c73gr63_HkH9djjIDcvYqNwv-sivcfFYxM_sJcM6RyVdmSjZnXjXcPhuJCUkkCH7e9FAMo0V7c1xrldBo2wWD8X-mcrM6p-f2_mcMVQRa47DuK9RBVqEUOhpE5tjQnG0adJW1c5dcE42ADql6tpj-r2_wbeIVUzMFhb-jQLO9ADZvLCWA-EYr2J75oOGQzzK1jYNcXjfQ4rj4sZ-D7zpbWw1fMUw9YI_C23Is74CdVzy8OigDOtOeHuGlJhpneo0tZ5wO56erF6zxOSasZtO_i1ECtgetQ3IOQB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1681606
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5372 16 KB
16 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:45:25 GMT
x-content-type-options: nosniff
age: 368310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 14:45:25 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame AB32 115 KB
14 KB 54ms
52ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gpgh5xk4eqwne1hg0k219rzr0avmfj1r3qf16c025dx9e12nta1k0z8aamfbpgznvbdmd39vdmm27x0mgqwbcy8zgyqx7yytxwb2nwkw1aqbtgphv03b391re7ykvecz1yt4fbmc58k4bzm98hcv2rybbn1sht6jfbz65vsdy21666wf6hwzqxqrmdqfh3jjn7vs819fs3yvxsb5z1htegah6eem8s48f6af5gg96czn96g9fds6kv96h5bbkwdg3sqy1dehpyw53m4j6gjwpx8kph2jpss3ma00t7n72rzten1df503tthf0trpgpskx85bgxcsa64hc54je7x187ym93f6e5yfhwm1pvcq3yabx7ndd5by8bdg7qahg2t0yfsx020kq4cgjs9gw8qn8fy5ya1xcmv8qb9hw727v55srdbr6c12&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%26client%3Dca-pub-1712420989769758%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gpgh5xk4eqwne1hg0k219rzr0avmfj1r3qf16c025dx9e12nta1k0z8aamfbpgznvbdmd39vdmm27x0mgqwbcy8zgyqx7yytxwb2nwkw1aqbtgphv03b391re7ykvecz1yt4fbmc58k4bzm98hcv2rybbn1sht6jfbz65vsdy21666wf6hwzqxqrmdqfh3jjn7vs819fs3yvxsb5z1htegah6eem8s48f6af5gg96czn96g9fds6kv96h5bbkwdg3sqy1dehpyw53m4j6gjwpx8kph2jpss3ma00t7n72rzten1df503tthf0trpgpskx85bgxcsa64hc54je7x187ym93f6e5yfhwm1pvcq3yabx7ndd5by8bdg7qahg2t0yfsx020kq4cgjs9gw8qn8fy5ya1xcmv8qb9hw727v55srdbr6c12&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%26client%3Dca-pub-1712420989769758%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 501255
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkvfF4qo7FABQOHmdSuL%2FC6h3O0fHy%2Fu5iafnTsA5ozn3jVuoq0EvlNuaIowzNAw%2F8fi%2FKCijtosIJsKUV1uqd2r%2FFrsU0bHO3MumJC6k4ky42Aysmc2V%2FPXUJeAytvKzjJmlimRpN4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 827aec53bceb9a3f-FRA
expires: Sat, 18 Nov 2023 21:03:55 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame AB32 25 KB
10 KB 77ms
55ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gpgh5xk4eqwne1hg0k219rzr0avmfj1r3qf16c025dx9e12nta1k0z8aamfbpgznvbdmd39vdmm27x0mgqwbcy8zgyqx7yytxwb2nwkw1aqbtgphv03b391re7ykvecz1yt4fbmc58k4bzm98hcv2rybbn1sht6jfbz65vsdy21666wf6hwzqxqrmdqfh3jjn7vs819fs3yvxsb5z1htegah6eem8s48f6af5gg96czn96g9fds6kv96h5bbkwdg3sqy1dehpyw53m4j6gjwpx8kph2jpss3ma00t7n72rzten1df503tthf0trpgpskx85bgxcsa64hc54je7x187ym93f6e5yfhwm1pvcq3yabx7ndd5by8bdg7qahg2t0yfsx020kq4cgjs9gw8qn8fy5ya1xcmv8qb9hw727v55srdbr6c12&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%26client%3Dca-pub-1712420989769758%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 62063
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BimUtyHQ6r%2FwNJYa2oBMdNUsN8CX%2BaNHlUOcFmFeR3QqaI3%2B62jR6XJgi9qhwO98KvGuWhqrHi9rSLYf5QMiRBaSBHwFF7d1MQnDLPciaGkhUAzrlw9N8qxEszH4alQeepV5N8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 827aec53dd059a3f-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 Nov 2023 03:49:32 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 30F9 0
0 89ms
89ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYVnVOdVXZZzvMJnA7gOH04KYAaSjibdc58KD3O0FwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQngAgCoAwHIAwKqBLsCT9DRWVUnDMLUoqnPcLSsQzq-vLfFgwAUVbf3T-EHhnibhQPzyrXEIn7ElgF0iiyK84jlWxbkjTJYMfZHjcC9nhqC-7C6S0eh9y6_UyX6f5snLwAYjzZFuz9OAWSQ8giVR5gfn2zFSK2k77ycwa5rZysvURRgOckvNae43Oq73svKfgWqP9EQ9h7QvwBpd1w_it1stU6MB7tFnRtDEvr9d6aSjCwcn_ZW-yyXSjbOfs05Sp9tsEW9ppqbKaRbUCz7Yr7CU4Sg2euHXQblvpsm7ifxiwh9Y97FFtFj7PxjujxMz3AoOi773dLB6yubqv_7mV3zqOLjAYkahYW7Hei21f8LiRoxD3x-4q4OEDeOFaL2GGafR-ePMQ3PHtnEB-zpgkbH50ZVgT_5SmqyMrLhRIll5aj69ypwQl_O4AQBgAaq5Jvzk4CwgS6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAeINEwiX1sPK98uCAxUZoHsKHYepABPQFQGAFwGyFxwKGhIUcHViLTE3MTI0MjA5ODk3Njk3NTgY0sAW&sigh=vj3BbQ4X8iI&uach_m=[UACH]&cid=CAQSGwDICaaNVIcDum13ToabKwKUBF-xjA7y26oIvRgB&cbvp=2&vis=1
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 829D 12 KB
5 KB 147ms
51ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 664610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVIRf4KY9PhiXzeau5mgBWCR%2BNHjxIOLZro6P2NZKgpB42cKH5vbqujGZZ%2B3d6vuK8Rx4rc%2FRNoMCYo0NGorcMJAxwkh1G6ImKocmH%2F%2BfJ0B4hUm0nZMHboBMEfpMFrhwEyjavQy4M9CZxiVim2Xd0%2Fi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 827aec545fff914d-FRA
expires: Wed, 06 Nov 2024 21:03:55 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 829D 12 KB
6 KB 53ms
53ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6904 12 KB
5 KB 125ms
50ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 664610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maWZRjpDGljoM5O2TcvnEHGufjnSkeIF0ih%2BQgbtiThGtXfzeb62ALAHzeVhBeuhUXjs28BaFj7Wy%2B%2BqsI9d6CWvyiU%2B2a353IST2SoxYBdLObATwAzQIYRa0tZ7uwSg9xqCS8kCz34pNSSECQHOsHsv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 827aec545802914d-FRA
expires: Wed, 06 Nov 2024 21:03:55 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6904 12 KB
6 KB 47ms
46ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H3 200 container.html Show response
ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4596 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:54 GMT
expires: Sat, 16 Nov 2024 21:03:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 84ED
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEELPEHEAfvmYcNasTM3bhqc&google_cver=1&google_push=AXcoOmQfP8dhD96dgq1gYUmTg09f0BXhXZPw2WLB2VXfdEVmQa6PfG6mP86p5uJZbCQY_xVgvkdXpqyFT1zOPWGyiYeKFlNwlZXzcA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUxOTUzODgwMDk2MjQ5OTU5Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB9jZeKKOSpzj-DaiWedPQU&google_cver=1

43 B
398 B

53ms
44ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB9jZeKKOSpzj-DaiWedPQU&google_cver=1
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB9jZeKKOSpzj-DaiWedPQU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 84ED 43 B
395 B 335ms
329ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEBLYZZJw1U3SyW1c7W5_rRk&google_cver=1&google_push=AXcoOmTbgzPzHNH0jakgoxIZh4YiloKwZjb2OUtmwPbwI2DXut_9X2BKKa1GbRP3uu8XCdxXZDpSj4QaD-7Ud-lfe03KBoASKGSOrw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTbgzPzHNH0jakgoxIZh4YiloKwZjb2OUtmwPbwI2DXut_9X2BKKa1GbRP3uu8XCdxXZDpSj4QaD-7Ud-lfe03KBoASKGSOrw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 827aec5448391992-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEG1Z6KWLC_FLlykk2nrAR30&google_cver=1&google_push=AXcoOmSXroSIiFj3YqL4Vj72n-We-eCuc_UZYjEZSRFUxFG_Rx88U7NClTQV9Euu3_y0a9QqZwErOoHrbpefwRgtayaLyL33HtQeaA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34EC05656B0D485CBCF49A4ACF2D99CF&google_push=AXcoOmSXroSIiFj3YqL4Vj72n-We-eCuc_UZYjEZSRFUxFG_Rx88U7NClTQV9Euu3_y0a9QqZwErOoHrbpefwRg...

170 B
188 B

63ms
63ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34EC05656B0D485CBCF49A4ACF2D99CF&google_push=AXcoOmSXroSIiFj3YqL4Vj72n-We-eCuc_UZYjEZSRFUxFG_Rx88U7NClTQV9Euu3_y0a9QqZwErOoHrbpefwRgtayaLyL33HtQeaA

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34EC05656B0D485CBCF49A4ACF2D99CF&google_push=AXcoOmSXroSIiFj3YqL4Vj72n-We-eCuc_UZYjEZSRFUxFG_Rx88U7NClTQV9Euu3_y0a9QqZwErOoHrbpefwRgtayaLyL33HtQeaA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 16 Nov 2023 21:03:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN4DWPTsg2EVOOpC8LbRfco&google_cver=1&google_push=AXcoOmTOaz5-Y40UEx7GXFLcCOQWO11itYFqFJ3DyUrnPZbDdI8kbytT9-tZQpg9O8P2ukvclUPPkH63I0wn40...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmTOaz5-Y40UEx7GXFLcCOQWO11itYFqFJ3DyUrnPZbDdI8kbytT9-tZQpg9O8P2ukvclUPPkH63I0wn403VRB...

170 B
188 B

55ms
54ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmTOaz5-Y40UEx7GXFLcCOQWO11itYFqFJ3DyUrnPZbDdI8kbytT9-tZQpg9O8P2ukvclUPPkH63I0wn403VRB6w4FOAytKOfQ

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmTOaz5-Y40UEx7GXFLcCOQWO11itYFqFJ3DyUrnPZbDdI8kbytT9-tZQpg9O8P2ukvclUPPkH63I0wn403VRB6w4FOAytKOfQ
Date: Fri, 17 Nov 2023 21:03:55 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 84ED 43 B
362 B 46ms
41ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTKBsiq2aNlT1eC52c8PRsUF4ahyidFjxLVf94xHFd_d0TDkuTL9Oe3A9c2hw_xmSBdxCxA3Fz5jHERXXhGb6ZLdpzn1M79&google_gid=CAESEBC9E6hm_kBgzWAcSI-ZJU0&google_cver=1

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 240621
expires: Fri, 17 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEElsPnrp_4oWxVJseEo9gJs&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEElsPnrp_4oWxVJseEo9gJs&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEElsPnrp_4oWxVJseEo9gJs&google_hm=ZVfVO3IFLNabKqLTmo5JVwAABHYAAAAB&google_nid=index&google_push=AXcoOmQNZRB46gmqxMCyQhQ5OvkJZX2aGZtLB...

170 B
188 B

49ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEElsPnrp_4oWxVJseEo9gJs&google_hm=ZVfVO3IFLNabKqLTmo5JVwAABHYAAAAB&google_nid=index&google_push=AXcoOmQNZRB46gmqxMCyQhQ5OvkJZX2aGZtLBvULv17uJIOlIRLhPVDOVggHn-SitT9YrxUb_M5DOUdNR-LYmTiE29xiPQEQgWnA5w

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hti5cagxeM2Hq6X28xUv6%2B9FPfw5TQnjflJFALR3oI6NmRjF34yILHkDDJlToqjbC9y5eaZg3goPfEkzKcms6wUe2eOJ1CydYT9vx%2BcJgonBK2auM8VNNJ8OROPj9mTFi6H%2F4tFzFscggg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEElsPnrp_4oWxVJseEo9gJs&google_hm=ZVfVO3IFLNabKqLTmo5JVwAABHYAAAAB&google_nid=index&google_push=AXcoOmQNZRB46gmqxMCyQhQ5OvkJZX2aGZtLBvULv17uJIOlIRLhPVDOVggHn-SitT9YrxUb_M5DOUdNR-LYmTiE29xiPQEQgWnA5w
cache-control: no-cache
cf-ray: 827aec555d7a4522-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 84ED
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPOCzxrAyPJ0G57cqV8ZliU&google_cver=1&google_push=AXcoOmRng-Hx0oEtKAbgG4wZLfL_GDtCTKyD29ZykXR-jvOvsX1wbXrNiEVegfk4LJmbOSh5jU4zV_A3Sv2...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRng-Hx0oEtKAbgG4wZLfL_GDtCTKyD29ZykXR-jvOvsX1wbXrNiEVegfk4LJmbOSh5jU4zV_A3Sv2gkkwySablpJ8qkwiFJco
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

41ms
41ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 84ED 0
12 B 60ms
57ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDOUpGyxEodvn2wCOQ8wklJc3VNL6xo7_jzxsXz7nkC8vJRRInMO9vUqUV1ayCrAApzN6Qow

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame CCDA 35 B
464 B 185ms
42ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL89z4AnwxZvFMOFOPk3MQ8&google_cver=1&google_push=AXcoOmTiJALkVZDNifrCQe4sTgsOf2IwnXqR3t3Yvp_kEQ8vnev4G32HvDniqXhfSS9gzNFXkwsKPfmtNXnHP3ESsGeSrkD1z80nOA

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CCDA 70 B
148 B 91ms
63ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBqbMcB1KhGdt_DW0RbF3lI&google_cver=1&google_push=AXcoOmTM383bf_4WYlS7rnhrNTeNbv-GQSx0B0HT7m_XOtcnQPe54UQM-QcHGlNVdXjrsG6bTpWFJZMmwGP7oeG0RcpHUonttXqxXw
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCDA
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEP5O9x_bZx4nLa-awoFW4kU&google_cver=1&google_push=AXcoOmTGeRIxIulk7us9atF0iZHXD1H1TLhk5La20YwqhcZQD0qpZTVg3FbeiQCs24Fr0fgVQdOkY46DOSc...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTGeRIxIulk7us9atF0iZHXD1H1TLhk5La20YwqhcZQD0qpZTVg3FbeiQCs24Fr0fgVQdOkY46DOScz8t5sG1WRVSEEzjdAjQ&google_hm=MRBxwauLTgayqmIz3A...

170 B
188 B

52ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTGeRIxIulk7us9atF0iZHXD1H1TLhk5La20YwqhcZQD0qpZTVg3FbeiQCs24Fr0fgVQdOkY46DOScz8t5sG1WRVSEEzjdAjQ&google_hm=MRBxwauLTgayqmIz3Aaa42g

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTGeRIxIulk7us9atF0iZHXD1H1TLhk5La20YwqhcZQD0qpZTVg3FbeiQCs24Fr0fgVQdOkY46DOScz8t5sG1WRVSEEzjdAjQ&google_hm=MRBxwauLTgayqmIz3Aaa42g
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CCDA 43 B
362 B 49ms
48ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTeTuEDm8UOthPS9QRAkS9Aqaxwgjr2TTrEo3YBe0zYYFK1cjGIdzrW4Vux8tCpdyECpeFjgE0O7W-8nZHsmHQAOrpqe-cOpw&google_gid=CAESEBC9E6hm_kBgzWAcSI-ZJU0&google_cver=1

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 225834
expires: Fri, 17 Nov 2023 00:00:00 GMT

GET
H2 200 ebda
match.360yield.com/match/ Frame CCDA 43 B
198 B 63ms
62ms Image
image/gif 54.154.243.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEPkzLAkcvZABn67-v8Nq4Ro&google_cver=1&google_push=AXcoOmSNtIrCAZUMVd4JZJUel7P0HupOG8DsdhpDIjgnefmdGgDN-fEa-6KndIcy25zTrn5owGxZoPodR7D0TZqBuW7eArc7vUen
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.154.243.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-243-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 21:03:55 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

report
sync.teads.tv/um/ Frame CCDA
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEL8tYrlvUS5H...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQBxPNwRWu8XOkYsS1TGBrRXFz8UXvmh2RHhAEwdT1vumJacTO1sR4y0wbvxWMRfZpm3R8T5Y5Hg1-S43xS6OJK0iJ34uGdtw
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

69ms
69ms

Image
image/gif

23.35.233.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.35.233.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-233-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Fri, 17 Nov 2023 21:03:55 GMT
pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCDA
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=12a94e97-1723-47dc-864d-34bf47b6d412&google_cver=1&google_gid=CAESEGaQWqpLoeOtJaAqx8rhP_c&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

50ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=12a94e97-1723-47dc-864d-34bf47b6d412&google_cver=1&google_gid=CAESEGaQWqpLoeOtJaAqx8rhP_c&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRGojI2wJyzS2h0ngjkFMYJzuZaxjRKrmxNHo7hLHy59Lbw21j4m217EYX3TchXL0ATNpy08822kverskGw_Qa1gGSCrlXDyDk&gdpr=${GDPR}

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=12a94e97-1723-47dc-864d-34bf47b6d412&google_cver=1&google_gid=CAESEGaQWqpLoeOtJaAqx8rhP_c&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRGojI2wJyzS2h0ngjkFMYJzuZaxjRKrmxNHo7hLHy59Lbw21j4m217EYX3TchXL0ATNpy08822kverskGw_Qa1gGSCrlXDyDk&gdpr=${GDPR}
date: Fri, 17 Nov 2023 21:03:55 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CCDA 0
12 B 64ms
64ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITk5jK-7VmKBic_Y8Zr4PCwbHcUm6xiy_rBnvFzi1kekjDFPOoRMoIN3iAbN535mY8uCyyayQ

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F538
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN4DWPTsg2EVOOpC8LbRfco&google_cver=1&google_push=AXcoOmTDBq8oHlsEABGJRqF9j9uZr4dq4XCwSZBownGj_arJ2ajbIRe9YPaj9ZKlQJkNcoU4eY6rbFOHwSB63n...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmTDBq8oHlsEABGJRqF9j9uZr4dq4XCwSZBownGj_arJ2ajbIRe9YPaj9ZKlQJkNcoU4eY6rbFOHwSB63n-fyO...

170 B
188 B

50ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmTDBq8oHlsEABGJRqF9j9uZr4dq4XCwSZBownGj_arJ2ajbIRe9YPaj9ZKlQJkNcoU4eY6rbFOHwSB63n-fyOKQwg6agXE8

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjUzOTc3MDE5MjMyODg2NA%3D%3D&google_push=AXcoOmTDBq8oHlsEABGJRqF9j9uZr4dq4XCwSZBownGj_arJ2ajbIRe9YPaj9ZKlQJkNcoU4eY6rbFOHwSB63n-fyOKQwg6agXE8
Date: Fri, 17 Nov 2023 21:03:55 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F538 0
41 B 59ms
56ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAe27HK9sIXifp4DHDauIps&google_cver=1&google_push=AXcoOmQ3ZR59vRIdtaqBccbKRBFG5sRdjBchLIlKU1GHpiKhpcXWC58WnPxG0-p3M7JzWBKezrsfuxGGlfKv2SOInOxUyyg1qFiivg
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 17 Nov 2023 21:03:53 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F538
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL87tMRAEcRxVKQOoAd8sMU&google_cver=1&google_push=AXcoOmTTEAz-nEKiNM-Pvc-88lpAwyHWUAka59nw7lqleQLaNXbFflAm4ORju3gFk6_Rvs_N7Zng3AmlqyZ99HE5H...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL87tMRAEcRxVKQOoAd8sMU&google_cver=1&google_push=AXcoOmTTEAz-nEKiNM-Pvc-88lpAwyHWUAka59nw7lqleQLaNXbFflAm4ORju3gFk6_Rvs_N7Zng3AmlqyZ99HE5H...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTTEAz-nEKiNM-Pvc-88lpAwyHWUAka59nw7lqleQLaNXbFflAm4ORju3gFk6_Rvs_N7Zng3AmlqyZ99HE5HeI8MXe9nw6wbg&google_hm=HrFvrGZHIS-_ASPXQaWY...

170 B
188 B

50ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTTEAz-nEKiNM-Pvc-88lpAwyHWUAka59nw7lqleQLaNXbFflAm4ORju3gFk6_Rvs_N7Zng3AmlqyZ99HE5HeI8MXe9nw6wbg&google_hm=HrFvrGZHIS-_ASPXQaWYzBNn

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 21:03:55 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTTEAz-nEKiNM-Pvc-88lpAwyHWUAka59nw7lqleQLaNXbFflAm4ORju3gFk6_Rvs_N7Zng3AmlqyZ99HE5HeI8MXe9nw6wbg&google_hm=HrFvrGZHIS-_ASPXQaWYzBNn
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F538
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPOCzxrAyPJ0G57cqV8ZliU&google_cver=1&google_push=AXcoOmSYDCGkS3e86V_mNGLVrdRuqLGdxjjz8F9PehoqN5tnQyxSXWcTFSWdcjrc6oqJfihJtvIla50JU8Ze...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSYDCGkS3e86V_mNGLVrdRuqLGdxjjz8F9PehoqN5tnQyxSXWcTFSWdcjrc6oqJfihJtvIla50JU8Zeo6ZlxYDLIXxVaCik

170 B
188 B

52ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSYDCGkS3e86V_mNGLVrdRuqLGdxjjz8F9PehoqN5tnQyxSXWcTFSWdcjrc6oqJfihJtvIla50JU8Zeo6ZlxYDLIXxVaCik

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSYDCGkS3e86V_mNGLVrdRuqLGdxjjz8F9PehoqN5tnQyxSXWcTFSWdcjrc6oqJfihJtvIla50JU8Zeo6ZlxYDLIXxVaCik
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F538
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN4gVxsWtK7qq5cUhcELajU&google_cver=1&google_push=AXcoOmTNf_vEHHW8MTB1jPn_1UDqD9leTrPnls0Fb3gkKHSZt7uiGA8JoR4jn77YhwGA5Ov57uUpSuy9cVbZqDL-SPUs8tsgGs...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTNf_vEHHW8MTB1jPn_1UDqD9leTrPnls0Fb3gkKHSZt7uiGA8JoR4jn77YhwGA5Ov57uUpSuy9cVbZqDL-SPUs8tsgGsl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkxOTAyNDY0MTg1NDUwMDU3MzQ3OA%3D%3D&google_push=AXcoOmTNf_vEHHW8MTB1jPn_1UDqD9leTrPnls0Fb3gkKHSZt7uiGA8J...

170 B
188 B

54ms
54ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkxOTAyNDY0MTg1NDUwMDU3MzQ3OA%3D%3D&google_push=AXcoOmTNf_vEHHW8MTB1jPn_1UDqD9leTrPnls0Fb3gkKHSZt7uiGA8JoR4jn77YhwGA5Ov57uUpSuy9cVbZqDL-SPUs8tsgGslLhg

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkxOTAyNDY0MTg1NDUwMDU3MzQ3OA%3D%3D&google_push=AXcoOmTNf_vEHHW8MTB1jPn_1UDqD9leTrPnls0Fb3gkKHSZt7uiGA8JoR4jn77YhwGA5Ov57uUpSuy9cVbZqDL-SPUs8tsgGslLhg
date: Fri, 17 Nov 2023 21:03:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame F538 0
45 B 188ms
50ms Image
text/plain 217.182.178.229
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELDjlwttPS9yf9Dg5AnWsDY&google_cver=1&google_push=AXcoOmSYHjDfHVSj9oWk4VS8TUNQk6ZgGkDAIZEBVsQqSlt52ykpxYLZy6BnONHt7sV8K9S4G5C4iImJ413NT0GDzqO4pe8OlyymLw
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.229 , France, ASN16276 (OVH, FR),
Reverse DNS: ip229.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F538
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEIByB_9rEQH-kZCiDF_NLWk&google_cver=1&google_push=AXcoOmTRjZyvfbD3a...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEIByB_9rEQH-kZCiDF_NLWk%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA4NDI5NzE5MDYwODIyNDgzMw%3D%3D&google_gid=CAESEIByB_9rEQH-kZCiDF_NLWk&google_cver=1&google_push=AXcoOmTRjZyvfbD3acNqxiW_xJYKAvyJKu...

170 B
188 B

51ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA4NDI5NzE5MDYwODIyNDgzMw%3D%3D&google_gid=CAESEIByB_9rEQH-kZCiDF_NLWk&google_cver=1&google_push=AXcoOmTRjZyvfbD3acNqxiW_xJYKAvyJKuOrclvAYAH_OuNff-C2R8xQ36yXkG9Svgk8tevEue7TCxJZMEaHGPZLeTrZXePwIY447g

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
an-x-request-uuid: 758addff-a539-44fb-854f-3ba9b2219746
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA4NDI5NzE5MDYwODIyNDgzMw%3D%3D&google_gid=CAESEIByB_9rEQH-kZCiDF_NLWk&google_cver=1&google_push=AXcoOmTRjZyvfbD3acNqxiW_xJYKAvyJKuOrclvAYAH_OuNff-C2R8xQ36yXkG9Svgk8tevEue7TCxJZMEaHGPZLeTrZXePwIY447g
x-proxy-origin: 80.255.7.104; 80.255.7.104; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F538 0
12 B 61ms
60ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IVLUcl9PgN0B9FlqNn4LalxFPzFm-4dEyqDPlcynTWtKFAiLZnz8DSxu7rvEEU367S1akAEg

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 61c90da1ec0d4c718567f65f4cfc2192_cpn_970x250_1.jpeg
static.criteo.net/design/dt/19906/4834108/ Frame 829D 145 KB
146 KB 74ms
62ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/19906/4834108/61c90da1ec0d4c718567f65f4cfc2192_cpn_970x250_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b5c5328532f3610f0cca2d3a16d41a87e14e4c85eb3baa9d3a669b618ee7772d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 14 Nov 2023 12:33:09 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65536905-244f8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 148728
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 18 KB
18 KB 65ms
53ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=19906&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F190812%2F319a2d5469c04e068839667ed003cd32_logo4.png&v=3&w=356&rid=4&s=QgIYZ3WsWmSv4252L8XadgbW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0bb194863449e6a5bb8ae1b272c78d5f8b7919939cd3185e511467c4d91f8ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17961
expires: Sun, 03 Nov 2024 05:28:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 3 KB
3 KB 64ms
52ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40870135_1-202303151233.jpg&v=3&w=400&rid=4&s=QIk4RLAptw9P_bljwaAuyjv7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

530f5020b0cd16a7d4c7c845661068d7ad05977ae63614c70600746c12f9edf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2874
expires: Sat, 02 Nov 2024 18:01:28 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 4 KB
4 KB 84ms
72ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F29404894_28-202311071245.jpg&v=3&w=400&rid=4&s=DLBa2ouDRIJ78Vqu5KokInjQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e8d7c3dce7d03aaba0496b97463779b2cb65a94f7ca784d9f79c5d75881f1d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4168
expires: Sat, 02 Nov 2024 10:27:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 4 KB
5 KB 83ms
72ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F19906%2Fbadgeupdate.png&v=3&w=400&rid=4&s=sFPYPwb7keL_Ew6_IWjCVNv_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4547
expires: Thu, 07 Nov 2024 09:55:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 15 KB
15 KB 70ms
59ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F49990444_2-202301302241.jpg&v=3&w=400&rid=4&s=0Ps7l7kJ-1jz8BM-flCa1vWo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b7786c642ca86768409f9ecc3c7261fa0e9b14279a8a47ccc0f447cbcc4a972b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 15066
expires: Mon, 21 Oct 2024 10:11:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 4 KB
4 KB 71ms
60ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F27400441_8-202310162234.jpg&v=3&w=400&rid=4&s=-6Q2NIfGeyxbdZRV-3M3qVxw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f6eac28efdab193d3db8ce453d2b8fd15a8b1ecd2b6108f72e9875ce3d2d1f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3950
expires: Fri, 11 Oct 2024 14:34:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 3 KB
3 KB 84ms
73ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12126311_2-202108130002.jpg&v=3&w=400&rid=4&s=L0oDTP2b8TwjcfDgCxE3O9qC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0c659c2351251346d80951411cf3e8704b382d17b990f900212543f96faaa44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3134
expires: Tue, 05 Nov 2024 03:33:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 4 KB
4 KB 84ms
73ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F23409137_11-202105041235.jpg&v=3&w=400&rid=4&s=LGXpcF5X-B0jUgQp_6A_Q5aL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a249cc9879cf7e7cd1f6609c3f3ca9008f60cdcdcfbfaf56e5cdb29de1bfa848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4022
expires: Sat, 02 Nov 2024 02:52:14 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 3 KB
3 KB 84ms
74ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F72477_4-202003032235.jpg&v=3&w=400&rid=4&s=6TIfLzcCb1eGLBGJU9UMQgaT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

51f7a0ace00540bdded49777aaf91ed45f3eacf54afb9be0eb4aaf9fbf04abb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3036
expires: Tue, 22 Oct 2024 18:16:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 6 KB
6 KB 85ms
74ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F23407005_2-202101222236.jpg&v=3&w=400&rid=4&s=AooNwJOP2pZ24f7PVX4Q4IQ-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f5b0588c84deaf8c686a053db33a151517e75b4e19f9f10d227c5c18ed127eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6086
expires: Sun, 03 Nov 2024 05:03:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 5 KB
6 KB 101ms
91ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F25408430_1-202010152157.jpg&v=3&w=400&rid=4&s=pyy2C5yD9Ut-Tkqo519X1fHS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

18810cc7f62acf01765366af6b41e3890fd2ea526b7a35ce622873468d0f39ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5502
expires: Sat, 02 Nov 2024 00:38:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 13 KB
13 KB 107ms
97ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F49990083_4-202301132234.jpg&v=3&w=400&rid=4&s=9l4SQRrGkY3_qJ2DI9FO095d&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

62f897bda9d7fcb2ae075c06066783cbc80549bd8cc2e40a33e2340c1260e895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12976
expires: Sat, 02 Nov 2024 10:38:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 3 KB
4 KB 101ms
91ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F23402169_13-202008282250.jpg&v=3&w=400&rid=4&s=0UyUcwOjNsT-GeAxKgOcbWck&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fdb973535d609248e2dc328d9d5c7842ca9dbcefebbe9a5d98f52b68aa502b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3480
expires: Sun, 03 Nov 2024 05:01:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 9 KB
10 KB 109ms
99ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F813306_3-201905092033.jpg&v=3&w=400&rid=4&s=2tf9lywUoGZD1QVIccA9RMjw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0502b7b2c046294fdbade142db68d233519c0c04fc411ba8a87fb1487cf10f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9526
expires: Sat, 09 Nov 2024 18:12:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 11 KB
12 KB 110ms
101ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F812894_3-201811271517.jpg&v=3&w=400&rid=4&s=ef42TZ3g3Zi8vTLKFG5KjBKw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c9e42d37ab1e9a3c75cbda95a6c685753c3bbccc933e204a6b161c5282b33080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11628
expires: Mon, 04 Nov 2024 13:12:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 2 KB
2 KB 108ms
99ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40401001_8-202305301245.jpg&v=3&w=400&rid=4&s=goFyLM7vgVRV4I9vt8zOD6Dq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

434e426804c71ff13f6aca4add1394784d700881d77fb767bddeea97eaa88aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 1866
expires: Sat, 02 Nov 2024 04:40:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 4 KB
4 KB 107ms
98ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F693085_2-202203112233.jpg&v=3&w=400&rid=4&s=PtSpyJSlXO3rJjSlfrB0Lkj7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

37f795d306181a38b0c682b41420f0e461d6d20a4c82f6d3b9208beabca7b8dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3924
expires: Wed, 06 Nov 2024 16:08:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 3 KB
4 KB 114ms
105ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F24407122_11-202308152236.jpg&v=3&w=400&rid=4&s=P9a0G9S63kyaKHaVtCsLN5UX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ffc517e472c722f2c7a333c10c3f7c458d3a53f7cec3746922559efd90166374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3556
expires: Fri, 11 Oct 2024 04:22:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 3 KB
3 KB 115ms
107ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40840685_2-202310091239.jpg&v=3&w=400&rid=4&s=Z01IJN70vJPBN2PC3JAUPV16&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

06d192d9224c1e41a76a3c27e4802144f9d3387a23433071f543fc71ad31fe8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2892
expires: Wed, 06 Nov 2024 12:52:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 829D 3 KB
3 KB 116ms
107ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40402815_9-202302282232.jpg&v=3&w=400&rid=4&s=UxryuYvs8jYZJPoKClZgvP0_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

476bd3b28e3d3cc9c9ded6aa948a1e4ae7bf29eb5fb81c981857181b00f9d80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2934
expires: Tue, 05 Nov 2024 06:21:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 829D 0
127 B 57ms
49ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=T7Igj1GlVMGrqaA9XsJ-RD3m7Kr4OlZRi9wzWFkYgdE097A2tDhzp61I5lBTw4qvd5Dt2OHgD4JpwCEt9oP8wfsio1E5X8exFzB0R_Aa2Xi1mxTpdzmSFAPoN6uzDzn60oQ2w-7DUR8wjw3jV1yBAkU6ddTAl1zL9oEzwY1vx-Y69QD-hOROzMUOLutD7iG3m0ud7z7BxOHJVFZ2pY0wBugX5kwDq94KnSNTmzRCQxbzv-NStkVZjG4PylT6l6UtB-iWvw&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 829D 2 KB
1 KB 55ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 829D 2 KB
1 KB 53ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30F9 202 KB
64 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:55 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3638633087173458953/ Frame D0FF 6 KB
2 KB 131ms
41ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3638633087173458953/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c034dcb7726bc6dc1070ba55274f31a016321818008ddee3e82887b8d35960e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1841
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 16:22:22 GMT
expires: Sat, 16 Nov 2024 16:22:22 GMT
last-modified: Wed, 12 Jul 2023 09:34:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30F9 0
0 187ms
77ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNjPEiutBeL0F5ojneRUSQsstxzbQSOkTw3_igtYIFPh44ImC1xfeFOcfx3olAHWB-w6M70KKZdJUE0eOKBNGXsJqCbZBvoRJ6tA5IKxpurrTrnmiyVpIaZddU1s-zkUjUNth41VO4d4ZaZBpAUsX1vZDQeBnLgSFn7BHKmttRSb_v&sai=AMfl-YRQY3AP4YuWYeACZ8nxXMLL1HDPpKPmKs5FH-lsuJ1h-GL6oFaavDJEl7oDVSmO8iCGxhOANTtZzv-sgZ92lE5KQLsqhyWpdF6_sw&sig=Cg0ArKJSzI_dWtYsOU8hEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=499&cbvp=1&cstd=495&cisv=r20231109.57135&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 4 KB
5 KB 59ms
46ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F19906%2Fbadgeupdate.png&v=3&w=400&rid=4&s=sFPYPwb7keL_Ew6_IWjCVNv_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4547
expires: Thu, 07 Nov 2024 09:55:04 GMT

GET
H2 200 1dc60b8aba8f40049194f18e3d2f38fc_cpn_300x600_1.jpeg
static.criteo.net/design/dt/19906/4834108/ Frame 6904 125 KB
125 KB 86ms
73ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/19906/4834108/1dc60b8aba8f40049194f18e3d2f38fc_cpn_300x600_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c2da1931efa197f2ad9f24394351e58109e89affb02a93ebbca87242361c46c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 14 Nov 2023 12:33:09 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65536905-1f439"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 128057
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 15 KB
15 KB 59ms
47ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=104&m=0&partner=19906&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F190812%2F319a2d5469c04e068839667ed003cd32_logo4.png&v=3&w=596&rid=4&s=oGPY28g4qaXewGRwM4zJJMg8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

35b40f04792c8406a4d2fcd12d426b98f89677c8deff50d4ca847241c5d76df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 15142
expires: Sun, 03 Nov 2024 05:28:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 11 KB
12 KB 64ms
52ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F22408065_11-202310192235.jpg&v=3&w=800&rid=4&s=TDAUujniQ_HCVSwCvi9X4-Tk&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d846161acc693ba6649977d34722a7bff8c4cc4f87190ab2fb7e1166dce1bfa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11608
expires: Tue, 15 Oct 2024 23:06:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 36 KB
37 KB 71ms
59ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F23407005_2-202101222236.jpg&v=3&w=800&rid=4&s=0NU5nl0WMebtkLhn93GyovGf&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

38a4b51e06f91f45209a163c77f9197fda01b1447b6ab6791518d73a15a5f32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 37198
expires: Sun, 03 Nov 2024 05:03:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 7 KB
7 KB 58ms
51ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12126311_2-202108130002.jpg&v=3&w=800&rid=4&s=Mw5We8smIC6uKAQTDS590v9n&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

86edf816bfe04c5e61b78786a15c8182049b2ff2cc656551d3f859cd9c290031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7208
expires: Tue, 05 Nov 2024 03:33:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 26 KB
26 KB 77ms
71ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F11524767_2-202110061234.jpg&v=3&w=800&rid=4&s=7lsML8L3gksHxwEh-Eqsvpz_&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

075b12936f70f404d2bcc23fc1f3d77efad6e67c3d4815c236b00bab783afd3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 26472
expires: Sat, 26 Oct 2024 05:01:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 16 KB
16 KB 58ms
52ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F27404375_3-202110252233.jpg&v=3&w=800&rid=4&s=C6FjO8uDORcyBnJ0ar8JYVIe&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ee945c5a50330cdb3ff0d1bcf2ca999ba85cc4fd7729a5f130ab096ef1e43f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16224
expires: Sun, 03 Nov 2024 15:21:06 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 10 KB
10 KB 78ms
72ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F26404920_3-202103302234.jpg&v=3&w=800&rid=4&s=67TAkdYbUPWvK7px5kpa8DLY&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1a9d433f331ed59372cb1405afa5d8344ceab9981ad2974ac26a706e05eaac1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10440
expires: Fri, 08 Nov 2024 06:35:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 19 KB
19 KB 84ms
79ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F22400644_2-202303142234.jpg&v=3&w=800&rid=4&s=i8GXH7RNJokx2zhdPNawxtRY&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7bbdebd71802d0a76f769b796eb813bb4415de65529ab84c12504ce1a853ca17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 19080
expires: Tue, 05 Nov 2024 20:58:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 10 KB
10 KB 77ms
71ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40401001_8-202305301245.jpg&v=3&w=800&rid=4&s=Mvx87aBwnjBB-Mpf_bGZDTHe&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da0793cb6e1ab25dde567767fd2900f0e9cdd161b19acb63104855e3ed22e517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9856
expires: Sat, 02 Nov 2024 04:40:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 17 KB
17 KB 98ms
93ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F27404753_6-202308182238.jpg&v=3&w=800&rid=4&s=-kxMRktZ6cfNzI1910IH2Cxh&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0c0a611d2bbbd001ec4e91d5a3d58dcb55c832fbb43dabf5af0f27592dc4b5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17396
expires: Mon, 14 Oct 2024 18:40:28 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 27 KB
27 KB 96ms
91ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12530853_5-202010230656.jpg&v=3&w=800&rid=4&s=GVN1RC36ETqmDu7iyg-EVlPr&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

33f486e56fab9f192e939e515f7a3647007ddcad9b17abb6146092184e4f76c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 27544
expires: Mon, 04 Nov 2024 06:42:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 7 KB
7 KB 96ms
91ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40840685_2-202310091239.jpg&v=3&w=800&rid=4&s=GvWlEbP1cbApQC2SWpTs-jKD&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8e70d960e6d84a8684bf367e63e67f290ae07584cb90757a949fee8aaed3e284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7414
expires: Wed, 06 Nov 2024 12:52:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6904 18 KB
18 KB 85ms
80ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F20408102_14-202303241235.jpg&v=3&w=800&rid=4&s=ywOysLH9SbIPNx-obryGAQVe&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6d56a1933d59364dd2cf7b8174259c5582186aab79ebaf35e97787ea8fe3965c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 18674
expires: Wed, 09 Oct 2024 15:47:34 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6904 0
127 B 45ms
41ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=qj78QlGlVMGrqaA9hXWDAz-EWRTnp6P9mhSy_8IjqwEZIldDAszmR7Z1VMsuWsc7B-QcAlP3YScg3au289pv3P5wVJ8NM8RGxqTta9yH_oE-0JsBD3WmkIClr1XlFKiryPNUHDf8BRFNweadubgBxdKR-HJNBed1JzJPktPb8JU2G9Ej5kOXC3OWkMa5iSKhO-OQob_9yQMOB6f01phI4lk0BoVCiSvw82Pambkn5DdsC0uzpuZNI7W3mumzdWLwoPvsGQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 21:03:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6904 2 KB
1 KB 106ms
102ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6904 2 KB
1 KB 106ms
102ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:55 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B806 38 KB
13 KB 44ms
42ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 55175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 05:44:20 GMT
expires: Sat, 16 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EAFB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7da02314194d2b2f532edce64f3207c22f4172847062cf406c20c700789ee898

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A521 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345993263cf359a9b3e2ddb2e1ddfa55a06629200fda265ba06bae4eafa0fc15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AA2E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03919954da12591580ca4581b1b98f543cee4e506465b89deb63946e28d8cb70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame C1FC 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:16:17 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 4596 4 KB
671 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 19:45:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 21:03:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3667 14 KB
1 KB 58ms
58ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 19:53:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 21:03:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3667 2 KB
835 B 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:51:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 3667 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:17:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2318 143 B
166 B 41ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:58:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3667 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:00:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BFF5 1 KB
643 B 49ms
49ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Sat, 18 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3667 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3667 0
0 52ms
50ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwMdUC3yvUr9ctQnEg4_1cHfPlrr6Vc8FhjZMXLGx4eu2q0QCxUt9UtoFwleQPUT9I9qWgE6fibI3cVhyQyEgzCUdNKQ
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3667 202 KB
64 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:03:55 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 3667 37 KB
15 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 09:24:49 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 4596 21 KB
9 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 03:59:33 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4596 205 B
520 B 48ms
46ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 77819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4596 604 B
696 B 48ms
47ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options: nosniff
age: 336824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Nov 2024 23:30:11 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame A38D 91 KB
23 KB 48ms
47ms Script
application/javascript 2600:9000:20ab:c800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:c800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 7045007
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: kAgwV-qeaNY8hA68bloYWrkH8uyEONxPUrxTiGJma9tswjRrn7Dz9A==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 30F9 43 B
216 B 79ms
79ms Image
image/gif 52.51.176.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=923116&advId=tk3qp9q&campId=bnzq4wb&chanId=tcvdzeq&placementId=1u4bsv1h&pubId=&bidurl=www.tecmundo.com.br&uId=null&impId=eadc7262-7069-42d2-af44-bcd598bcd833&planId=google&adsafe_par&adsafe_url=https%3A%2F%2Fwww.baixaki.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.tecmundo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:413a7c6d-3009-36d2-d219-a6317c556ffe,c:ugtuJa,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-cfvkg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:706,mot:0,app:0,maw:0,fm:tVU4R06+111%7C1121%7C113*.923116%7C1131%7C1132%7C1133%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C191%7C192%7C1a1%7C1a2%7C1b11%7C1b12,idMap:113*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:742,oid:d0fd7052-858c-11ee-8604-d69417886bfb,v:19.8.460,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.176.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-176-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: nginx
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 hp_styles.css
s0.2mdn.net/sadbundle/3638633087173458953/ Frame D0FF 3 KB
921 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3638633087173458953/hp_styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3638633087173458953/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df76df6d33f812fe85a347aea816253a11bf2147eeb6460aaa2b261f90f5801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3638633087173458953/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 03:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150415
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 892
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 09:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 03:17:01 GMT

GET
H3 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D0FF 113 KB
39 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3638633087173458953/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3638633087173458953/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 21:03:56 GMT

GET
H3 200 CustomEase.js Show response
s0.2mdn.net/sadbundle/3638633087173458953/ Frame D0FF 14 KB
5 KB 145ms
145ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3638633087173458953/CustomEase.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3638633087173458953/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a30fc105419c6d4e451bf35ce8046b3023ab1a60e17e9f64b5c5edfb6096fc3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3638633087173458953/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68311
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4988
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 09:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 02:05:25 GMT

GET
H3 200 hp_main.js Show response
s0.2mdn.net/sadbundle/3638633087173458953/ Frame D0FF 9 KB
1 KB 41ms
41ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3638633087173458953/hp_main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3638633087173458953/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da47052ecc3e262cbc5fe691aa412026136bcb919b243a0869e4aea544732e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3638633087173458953/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 05:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1352
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 09:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Nov 2024 05:00:40 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 30F9 43 B
215 B 117ms
117ms Image
image/gif 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=cfc022dc-bbb4-1d21-a6d2-8345d01df9e1&tv=%7Bc:ugtuKz,pingTime:-2.1,time:1530,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1530,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1524~0%5D,as:%5B1524~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:371,fm:tVU4QON+111%7C1121%7C113*.1526752-72603760%7C12%7C13%7C14%7C15,idMap:113.413a7c6d-3009-36d2-d219-a6317c556ffe.98_923116%7C113*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:20,sinceFw:30,readyFired:false,sis:214%7D&br=c
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 30F9 43 B
215 B 119ms
118ms Image
image/gif 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=923116&asId=413a7c6d-3009-36d2-d219-a6317c556ffe&tv=%7Bc:ugtuKO,pingTime:-3,time:844,type:v,im:%7BpBlk:760%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:741%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:844,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:741,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B135~0%5D,as:%5B135~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tVU4R06+111%7C1121%7C113*.923116%7C1131%7C1132%7C1133%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C191%7C192%7C1a1%7C1a2%7C1b11%7C1b12,idMap:113*,rmeas:1,rend:0,renddet:IMG.us,siq:743%7D&br=c
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: nginx
x-server-name: dt29.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 30F9 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=923116&asId=413a7c6d-3009-36d2-d219-a6317c556ffe&tv=%7Bc:ugtuKP,pingTime:-6,time:845,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:845,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:741,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B136~0%5D,as:%5B136~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tVU4R06+111%7C1121%7C113*.923116%7C1131%7C1132%7C1133%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C191%7C192%7C1a1%7C1a2%7C1b11%7C1b12,idMap:113*,rmeas:1,rend:0,renddet:IMG.us,siq:743%7D&tpiLookup=ao:www.baixaki.com.br*%2Cwww.tecmundo.com.br*&br=c
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: nginx
x-server-name: dt31.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 6904 2 KB
899 B 48ms
48ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:56 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 6904 2 KB
900 B 43ms
43ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:56 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 829D 2 KB
899 B 42ms
41ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:56 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 829D 2 KB
900 B 43ms
43ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:56 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AB32 3 KB
4 KB 150ms
50ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1383
x-guploader-uploadid: ABPtcPo1ykyq5_PZDMLk9it3QLPlG2jujIWv-3-zlv8WZ6Pv8084TfZr5DXcaSi9Aad2DnYJXPeK2vDQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3%2Fomlf8zqSCfjDfAK5DPGhJ0WnQFEiRzBrJWZfke9fIYLy6xI4vQt2J4Eaett7uFyEpPT2khEoYv9TXOBpNKkX0eZ0ToJaCjaxOw0mgZCO56has04TiJn2k35auV%2FIxgscbCGnZqGMPXp44P%2FlW53ef"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 827aec5848cb3647-FRA
expires: Fri, 17 Nov 2023 20:49:22 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 30F9 43 B
215 B 117ms
117ms Image
image/gif 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=923116&asId=413a7c6d-3009-36d2-d219-a6317c556ffe&tv=%7Bc:ugtuLG,pingTime:-2,time:898,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1165,beZ:1166,mfA:1872,cmA:1873,inA:1873,inZ:1877,prA:1877,prZ:1900,si:1908,poA:1909,bl:1926,poZ:1926,cmZ:1926,mfZ:1926,loA:2011,loZ:2014,ecZ:2058,ltA:2064,ltZ:2064,mdA:1166,mdZ:1266,idA:1926,idZ:2005%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:160.600,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1700255036073,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:741%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:898,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:741,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B190~0%5D,as:%5B190~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tVU4QON+111%7C1121%7C113*.923116%7C1131%7C1132%7C1133%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C191%7C192%7C1a1%7C1a2%7C1b11%7C1b12,idMap:113.cfc022dc-bbb4-1d21-a6d2-8345d01df9e1.61_1526752-72603760%7C113*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:743,sis:893,sinceFw:155,readyFired:true%7D&br=c
Requested by: Host: 03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 frame.html Show response
ad4m.at/ Frame 2200 2 KB
2 KB 51ms
51ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 325532
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 827aec57fd573669-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 21:03:56 GMT
expires: Tue, 14 Nov 2023 03:24:58 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDzWJDrKEhI3V6AorRa8oJC6cRZht1Y7wVjmb%2B5vFfsML37xHZZFKbtCanjhSEqR%2BTi8efKQKeK0QbnDrupaE%2Fu4RY%2Ff1RNUun8bY7GWDd0jhVVgTLQ5lHZlvT8EqZEic1YXG8w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
298 B 884ms
524ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.baixaki.com.br
Date: Fri, 17 Nov 2023 21:03:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BFF5
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOFoRvSZeXE0ghvMR7GzXjo&google_cver=1&google_push=AXcoOmQl7g1FsLSJHIziP_1uj8ReqJ95YNhOsildRnoj05tibuh5NH2fdW1MB0W_4Z4FPDMJSIzXx7Vqe6cPBEkw3satol6GFoU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUxOTUzODgwMDk2MjQ5OTU5Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB9jZeKKOSpzj-DaiWedPQU&google_cver=1

43 B
398 B

45ms
44ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB9jZeKKOSpzj-DaiWedPQU&google_cver=1
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB9jZeKKOSpzj-DaiWedPQU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFF5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELR0yWyEhdatFxfZhYPrxYQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELR0yWyEhdatFxfZhYPrxYQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MTVoR05mMmUxUjQ2MGs1&google_gid=CAESELR0yWyEhdatFxfZhYPrxYQ&google_cver=1&google_push=AXcoOmQYFCn9FdFlUXZde2QdnA2SGSvv79xgYRWa-SUcXCF...

170 B
188 B

51ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MTVoR05mMmUxUjQ2MGs1&google_gid=CAESELR0yWyEhdatFxfZhYPrxYQ&google_cver=1&google_push=AXcoOmQYFCn9FdFlUXZde2QdnA2SGSvv79xgYRWa-SUcXCFh8kMlc6n07qXK6MIEUU8popBvpfNPy4nlijCKQakK5gVOFpV5_VIT

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 21:03:55 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MTVoR05mMmUxUjQ2MGs1&google_gid=CAESELR0yWyEhdatFxfZhYPrxYQ&google_cver=1&google_push=AXcoOmQYFCn9FdFlUXZde2QdnA2SGSvv79xgYRWa-SUcXCFh8kMlc6n07qXK6MIEUU8popBvpfNPy4nlijCKQakK5gVOFpV5_VIT
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame BFF5 43 B
630 B 210ms
209ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESELSFzz3ePSl8O2oVw4gGRiM&google_cver=1&google_push=AXcoOmRFmjXSSoyx4OZm5eF1lOZ8QoUGr-sbvfkppcMRBOD0acG15sXGKAC9RWWvnLeRvPrOuB6B8ZmE2h0moAXsB1m5cgBQD1W2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRFmjXSSoyx4OZm5eF1lOZ8QoUGr-sbvfkppcMRBOD0acG15sXGKAC9RWWvnLeRvPrOuB6B8ZmE2h0moAXsB1m5cgBQD1W2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 827aec58bff018cd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFF5
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAgb-gLFreM3IlT8u6MlOxs&google_cver=1&google_push=AXcoOmRyMeIU0LHGS1wZ2HyxHFbkyts84Hno_Yi1htpv-4QU4gXtcBNliaO-skoQGTyKt15oXODtAi1FLAsrr4Vv...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VzaV8-hUSQEVeve4Imc4-A&google_push=AXcoOmRyMeIU0LHGS1wZ2HyxHFbkyts84Hno_Yi1htpv-4QU4gXtcBNliaO-skoQGTyKt15oXODtAi1FLAsrr4VvuWcQ4xr2vsPV

170 B
188 B

51ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VzaV8-hUSQEVeve4Imc4-A&google_push=AXcoOmRyMeIU0LHGS1wZ2HyxHFbkyts84Hno_Yi1htpv-4QU4gXtcBNliaO-skoQGTyKt15oXODtAi1FLAsrr4VvuWcQ4xr2vsPV

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 21:03:56 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VzaV8-hUSQEVeve4Imc4-A&google_push=AXcoOmRyMeIU0LHGS1wZ2HyxHFbkyts84Hno_Yi1htpv-4QU4gXtcBNliaO-skoQGTyKt15oXODtAi1FLAsrr4VvuWcQ4xr2vsPV
x-host: tde-deliveryengine-production-bb588bf9-ldvvf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFF5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELHi9MTIwn2IfsXbwKk4Iz8&google_cver=1&google_push=AXcoOmSj7QFRrfkuJYwfP6jC3rqu2axwMh6xZIQC5no_ZqKc4ZJoZJQyRJU3f-1FarljPPn7rDqbuBJt68TChQFISLkI0nM...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSj7QFRrfkuJYwfP6jC3rqu2axwMh6xZIQC5no_ZqKc4ZJoZJQyRJU3f-1FarljPPn7rDqbuBJt68TChQFISLkI0nM-fBOh&google_hm=eS1FRmFPTllCRTJwR2RkRm...

170 B
188 B

49ms
48ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSj7QFRrfkuJYwfP6jC3rqu2axwMh6xZIQC5no_ZqKc4ZJoZJQyRJU3f-1FarljPPn7rDqbuBJt68TChQFISLkI0nM-fBOh&google_hm=eS1FRmFPTllCRTJwR2RkRm5KOGwwY3JKYWExNUVZcUouUn5B

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 21:03:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSj7QFRrfkuJYwfP6jC3rqu2axwMh6xZIQC5no_ZqKc4ZJoZJQyRJU3f-1FarljPPn7rDqbuBJt68TChQFISLkI0nM-fBOh&google_hm=eS1FRmFPTllCRTJwR2RkRm5KOGwwY3JKYWExNUVZcUouUn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame BFF5 43 B
362 B 40ms
39ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ2vDZ1foenFQGtNAzVtYbfh7CefSQF757SD-a5sdmHL6JO4bZdcNvIs1oP8lzQIABz5dfhrtJTtCN5Ab4_8khsldHdBAfw&google_gid=CAESEMCNEe6sE9BkfJh5t6mgh1k&google_cver=1

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 236175
expires: Fri, 17 Nov 2023 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame BFF5 0
41 B 42ms
41ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ-N8-DUVPsFXglSF7aJDJ0&google_cver=1&google_push=AXcoOmTgasBHQgyzgaiSaAGDSLUpey6EyMElIXK8JvByXcQZN8wUBZCEohB8RUoXzxhAlL3_gc-Ivmvv6xPYPouZPbgc_1BVJqTV
Requested by: Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 17 Nov 2023 21:03:55 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BFF5 0
12 B 47ms
46ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KeZQWDKEB0RDLUNE2-SgLpfNFsZxG8cLtNFj9Dm1lkqUT0nIXHwrWIp-yHKbUx_W_0hHYW

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B806 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:24:52 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2318
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
URL: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:56 GMT
expires: Fri, 17 Nov 2023 21:03:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 829D 16 KB
17 KB 181ms
90ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:56 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 6904 16 KB
17 KB 192ms
109ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 21:03:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30F9 0
0 79ms
78ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNjPEiutBeL0F5ojneRUSQsstxzbQSOkTw3_igtYIFPh44ImC1xfeFOcfx3olAHWB-w6M70KKZdJUE0eOKBNGXsJqCbZBvoRJ6tA5IKxpurrTrnmiyVpIaZddU1s-zkUjUNth41VO4d4ZaZBpAUsX1vZDQeBnLgSFn7BHKmttRSb_v&sai=AMfl-YRQY3AP4YuWYeACZ8nxXMLL1HDPpKPmKs5FH-lsuJ1h-GL6oFaavDJEl7oDVSmO8iCGxhOANTtZzv-sgZ92lE5KQLsqhyWpdF6_sw&sig=Cg0ArKJSzI_dWtYsOU8hEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1179&vt=11&dtpt=680&dett=3&cstd=495&cisv=r20231109.57135&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 banner Show response
www.tecmundo.com.br/comparador/banner/view/ Frame 53F7 15 B
373 B 289ms
289ms XHR
application/json 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tecmundo.com.br/comparador/banner/view/banner?id_banner=371&d=1700255036337

Requested by

Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/js/plugins.min.js?v=1111

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Apache /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept: */*
Referer: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Fri, 17 Nov 2023 21:08:56 GMT
date: Fri, 17 Nov 2023 21:03:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
server: Apache
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
content-language: pt-BR
cache-control: max-age=300
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 15
version: 2.10.13

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 53F7 16 KB
12 KB 89ms
89ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1389d2f247e8e69d438ec635664f4fbf6cb1a3cd7fd8661761d1d41bbc4af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12364
x-xss-protection: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 107ms
62ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 827aec59ab0918da-FRA
content-length: 24
content-type: text/plain
date: Fri, 17 Nov 2023 21:03:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKpWUAJ79TH2cOv3bLy7UpgO1RTbbS%2F52LuG0g1XlC44gA6%2FPnGLH0JYlkezxxQ1bIB2tlkzOM0goBAqbtrEIpW%2FDxnQoxnzja%2BlwR7qx3TeuiTtIVQs2reUeVQngiLXDRvzV4M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-405x

POST
H3 200 rs Show response
ad4m.at/ Frame AB32 2 KB
2 KB 65ms
65ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bfb236958004c41e07dd8e1a6599c092ca25e5ca557ffdc9d96e6c06bdd5bf9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37ATpx%2B4OyNuWqFwu2lkTLdsAATCYVwebj56qHpFk7a7GLucDD90NHIepEMmxk3F0NvyM1ZnTADeLDky3rrag9yW80GX6NIDqK6wZiNTWecZgoGehwyn40Gt4iKrqdPybKhL67k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 827aec5a1b6718da-FRA
x-backend-server: aa-reachservice-group-europe-west1-qw10
alt-svc: h3=":443"; ma=86400

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 30F9 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=923116&asId=413a7c6d-3009-36d2-d219-a6317c556ffe&tv=%7Bc:ugtuQe,time:1180,type:e,im:%7BpLoad:1110,pWait:31%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1180,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:741,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B472~0%5D,as:%5B472~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:175,fm:tVU4QON+111%7C1121%7C113*.923116%7C1131%7C1132%7C1133%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C191%7C192%7C1a1%7C1a2%7C1b11%7C1b12,idMap:113.cfc022dc-bbb4-1d21-a6d2-8345d01df9e1.61_1526752-72603760%7C113*,rmeas:1,rend:0,renddet:IMG.us,siq:743,sis:893%7D&br=c
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C4A04B2C938E401EBFFA20C3FBA3FEF7&RedC=c.clarity.ms&MXFR=1DC42CC8510262A9133D3F0455026C82
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4A04B2C938E401EBFFA20C3FBA3FEF7&MUID=3D09EC861E7C62923095FF4A1FF763C9

42 B
444 B

59ms
58ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4A04B2C938E401EBFFA20C3FBA3FEF7&MUID=3D09EC861E7C62923095FF4A1FF763C9
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:55 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 350710870B8548A69A83D67D109C2C70 Ref B: FRA31EDGE0208 Ref C: 2023-11-17T21:03:56Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4A04B2C938E401EBFFA20C3FBA3FEF7&MUID=3D09EC861E7C62923095FF4A1FF763C9
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 89ms
88ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

586d2dba6e67d319084eecffbb7f4190c29fdc494e1022271bf182b53522bf25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12342
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame CAB3 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:16:17 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 53F7 17 KB
6 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 21:03:56 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=215414781&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fwww.baixaki.com.br%2F&el=10&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=29021821.1700255033&tid=UA-144680-1&_gid=1244210414.1700255033&gtm=45He3b81n81PLT9M46v848907248&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=2007223064

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 15:51:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18749
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=215414781&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fwww.baixaki.com.br%2F&el=25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=29021821.1700255033&tid=UA-144680-1&_gid=1244210414.1700255033&gtm=45He3b81n81PLT9M46v848907248&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1342503322

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 15:51:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18749
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B806 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bm5a_OtVXZYHXOauk9u8PxIiSwAEAAAAAOAHgBAI&bg=!JySlJGvNAAZxrfrxUa07ADQBe5WfOEhOBnZLedsn7xQhcFeM6fPNgyyeUgmmRUr5sDQA6FZvhp6h_-0Wsg2iXcs3nqKXAgAAAGlSAAAABWgBBwoABVPcw78XmQMsHYNDR6NiHHqmctu7nNNV3-flIMwA25TOoyyYQ7BtfylrQNJQKrbmc1VDMcQHMaxAxshQW5FO74W6eNvH5KcZUyEiPUoJ6nOjMipuaUgRqTFofx9Io9LvgwwF78cIDBNTh-VOJ-9Z9-oXi3zHPOuPggMUJijyIaJsd35kPfKfX5L7JX8OHtMNXUKeA76jwreHzq4PPV46738HpLSxaL48ZC10A1Ty7CmdhujuEaBp1X1KT4kpFg12ssd41TZCrUosuAwc3ZbXKdDoJr6BnEs8TPuDH_xszeWr5YnA06l2U0Fv8qBdaKkst2Qi2WyGO46Sb11--sJYPhbGnLPHniquFmR7wsg2BfZjhUZMrb7pAK8oDNnEM06MhsV1juspXWxLkiMLaLfLeshjeX5FSHVYDELSl6ZlSFhlwRzjBpr658KEl5UaSHP9oIglHvvLQRJM-OyRtJWVPSXJH37Tn8nd38NXPf-xMsqpL3UlJBIKVDoAJYkqwf6bH_XKUYAoib47Wq7grULfDYRr2kTs42546ThSU3Yme-06Ap8PaiekNqB9HeiQoNqx_vcETGlr5ZTNiQif9F_pwZhNl21BGqmbtVhJaEgnSJLF3l3OPb9tJvXGLtZtOt743A42Fh72TN2HZgSgSVSQkNWJQCl6mS8t_knJnExPiep9W9X2gQhCXCf6J6XKaHAiS9nmtGdCYmB_eKEelNH6H_fOY1pPWVRFasW96mnk3RuNJcCN74ZnrNo3t7Z02bk6op37DZLkhs3nDM7zzxhNyYqALnSM8Y7_SEOZHgd1J4eCv-BIIWb0h5mCBqQehMaH6ucNYZXKpEOinH6rnIblqCYnHFBzOCfBGH-6_fjQvkdnLOf9lVfDzC0b7ISEu0-zjT2F4EeV8kJKEAMqfepwBU7233zeqDfh_G1CO0Qr1yQFLyhvcqeuAE5xTgto77oZdocFgibOJ99u4WDx-MlC0jAeyIBiO5QbKT8dsK6n9Ij3IVzH6v76cVHJFwozh5Vsye5euEeTgh_eyVHS0gHodew5nu34CQEtWISGVsmgNV_PL_rsU7O0xs5bIUZ463WMRYKR7JA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6862 0
127 B 43ms
43ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 21:03:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 21:03:56 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6D4D 9 KB
4 KB 66ms
65ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31ee5e0ba52b2ce991a31f65af2951dd58e2af5be11a5239da91d30d6d44c9e6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gpgh5xk4eqwne1hg0k219rzr0avmfj1r3qf16c025dx9e12nta1k0z8aamfbpgznvbdmd39vdmm27x0mgqwbcy8zgyqx7yytxwb2nwkw1aqbtgphv03b391re7ykvecz1yt4fbmc58k4bzm98hcv2rybbn1sht6jfbz65vsdy21666wf6hwzqxqrmdqfh3jjn7vs819fs3yvxsb5z1htegah6eem8s48f6af5gg96czn96g9fds6kv96h5bbkwdg3sqy1dehpyw53m4j6gjwpx8kph2jpss3ma00t7n72rzten1df503tthf0trpgpskx85bgxcsa64hc54je7x187ym93f6e5yfhwm1pvcq3yabx7ndd5by8bdg7qahg2t0yfsx020kq4cgjs9gw8qn8fy5ya1xcmv8qb9hw727v55srdbr6c12&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%26client%3Dca-pub-1712420989769758%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 827aec5a8fc83669-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:56 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 30F9 43 B
215 B 118ms
117ms Image
image/gif 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=923116&asId=413a7c6d-3009-36d2-d219-a6317c556ffe&tv=%7Bc:ugtuT6,pingTime:-10,time:1358,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700255036584%7C%7C5173373c7c0efe5809d907fbafba81f4%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C50d75770fc49199f4a814eebfc9471c8%7C%7C98acb948cd4f5fc5364e54ddada0efd2%7C%7Cfce17d1f3136568814485e99fac53d2c%7C%7C13a1dd1968b66ceccb21f0f8c6e72d73%7C%7C80159c093d7e7ac972a5275c90e6a957%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:944a:86a4:e0e8:d17f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BCE9 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tecmundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 18:54:23 GMT
expires: Sat, 16 Nov 2024 18:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F9DE 829 B
558 B 51ms
50ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

08f4884d596d34f7dfb66890d264bae886bff5d2407a7c4dc179300cd3ca19bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-74lf005cs5FBT_lP5DnNrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tecmundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-74lf005cs5FBT_lP5DnNrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:56 GMT
expires: Fri, 17 Nov 2023 21:03:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6D4D 115 KB
14 KB 52ms
52ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 739055
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnML1WlYarlWRLHDpJGRSIjJBcBWVCxnUK1JowIyloYSbLxgXrLpjlstTbsb52Y7BwGn4BgluBmeNY92txTQEhf6o1lbH8lscfqADiTTXnwz%2BNxtFKowYPQBYd5O%2Bg2KXzDf%2BfeYR8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 827aec5af82f3669-FRA
expires: Sat, 18 Nov 2023 21:03:56 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 6D4D 8 KB
8 KB 80ms
60ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 493988
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKMCM%2BJHpvy8WUnGWpqxeg2DVEsRfHz5DBb22GRutmrtXyb39p6DWecq3EvZTb%2BoN%2BS9H4GVJaVrfAGJfVAMM9dPkE275PniK9MXrpWig0g7DJYLvNNYqkNlVxEN%2FklWc5IDoR5%2BsqzgI8KE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 827aec5b1c109a3f-FRA

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 6D4D 20 KB
21 KB 84ms
64ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400125
cf-polished: qual=85, origFmt=jpeg, origSize=23329
alt-svc: h3=":443"; ma=86400
content-length: 20802
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:54:32 GMT
server: cloudflare
etag: "e320c43993ae8577c544483e96756c59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NO5BQ8vg5Db70nOZ%2B1maziuigttr8XwVqJIDQi478KFAZsmkViDSRRMa3BqM9pT%2FEDvkEw8odkDW4x90KZNNdN%2BH5MrBduQosI7HhNEZSgh3g4fW7r%2FDWKmx2eMHRhOe0M6XBwxCQRNBS0p7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 827aec5b1c129a3f-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 6D4D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CK-l8sv3y4IDFcuS_QcdXJULIQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023111722035690618131523X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

151ms
48ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023111722035690618131523X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023111722035690618131523X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 21:03:57 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023111722035690618131523X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023111722035690618131523X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Fri, 17 Nov 2023 21:03:56 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 6D4D 4 KB
5 KB 76ms
58ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615631
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7ggH3Likt7suOUSfbdSnrwudJnl34Oz8B2YLSHcGPHSGkJRKP9gbdmqYx9v1CQaB7SssD0P3kVVEHqpJT3HH%2Bh6V4s8vJH8j3mzRP3a6Vjh0np82qAVBZNmLrLpbBjorQxgZqA8sioXrp%2BK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 827aec5b1c119a3f-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 6D4D 15 KB
16 KB 77ms
59ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 737643
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsjp7qXrFpIMrvzwEWVaW27hjfAMspyp71leUwKK2OTZ1r8JqrZIiH6QIRu7UHgrDLFHX4NJe3Oljd%2B0qIgoz4QvU1fypt84hmaVN9ZbjIb%2FgZHH3LMKRgPA%2BMP%2FM8aDo8TdVA%2BAcrdNhBo1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 827aec5b1c149a3f-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 6D4D 43 B
702 B 224ms
86ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 21:03:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 6D4D 2 KB
2 KB 78ms
60ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 313705
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLnEFkJxjIW0egUB2Kfii9Dp9nLXU3Zub3JXVM%2FFUmEnkBISiZaEEGpf762BaQmcqTTDUW1d43dP2v%2BsdeOQhr1DR39bmybxDnOwG5faPhKqmdL%2FIqug%2FJ3wzf%2F8AitU%2FT8Y9UMLcQDP1p1P"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 827aec5b1c139a3f-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 6D4D 23 KB
23 KB 78ms
61ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=e7a53f204a8b411f6dc6935fb13f329a%2F8367502191538351043&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700255036457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx20m11371c07g2k827g6p8ngmpyymkayqk0c8ze168vb7vptb3n8eg3vky7fh3wx95w0nme8jp7wv2cx8phjdn6t65fc6anneee74xd13t1nhgad8wbkezh6vh4a2bwdvetrpmjrds5ehhrmd1e38g30pbes4ctmdgj9xceh3c3hvpechhsngdzx4mzmgp72cvvv2ba1g3acztf71f59xyqshpq4dpmsn9h293fh4snbpayznaxsyvasy700nvskc8v9wxcaxc2xa6cb50%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmNVOtVXZe_XC9P47gO0uaW4BJDhgYRctqjCivACwI23ARABIABglbKpgrAHggEXY2EtcHViLTE3MTI0MjA5ODk3Njk3NTjIAQmpAgB3GZzURLI-4AIAqAMByAMCqgT3AU_QNBKzoJT6yI5Hkn2CkqvYkwk3_CW1cIC6jdjxNmGgSS45W68nT_NNe-OvlLpbJpMN6D6VrojYk7cx4mAiSWzc7w6K8PfSJnFOSuus52gXniM-KLr7LHa7WSA631fiVV7ntnOy1wq_05x3TJ3x9v_OjfZBNsi20jV4Mee9cR7Q_YDuV-H8Vfz8RPrk1QiO9MeAdT59xh4G6Ghx6ElvyXTMnDgF3FZ9pUpJMNplENjFrhv4qXLHLGUY92vdtTpOVHCJdndU9wn_fViYZMljiPNX5QBEckYFE5rfAf9buZDpO6RpLc0IoSncoCh5MHCMsNg0u1GmTtTgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliTo9rK98uCA_oLAggBgAwB4g0TCNru2sr3y4IDFVO8ewodtFwJR9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0f4A2K-k85GXcU5IppJ9LqCetfuA%2526client%253Dca-pub-1712420989769758%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 413451
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69kh%2BE15JZiH4TFZZN%2FBd08u5gXPpptCIIb3cfg5eVhNhMVzBUAgCaBeN0ikSD9P5wjmgNDA2B2%2Brnw9%2BGoUACkjWYKK1kVG9mHciDjChLnYmO%2BsaPoVR48l6CvemgBslIGqYrkJGX%2BZwgvN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 827aec5b1c159a3f-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 6D4D 43 B
702 B 227ms
90ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 21:03:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5148 13 KB
5 KB 80ms
78ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 18:54:23 GMT
expires: Sat, 16 Nov 2024 18:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 21CE 829 B
562 B 50ms
50ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c48298fce2e446ed5419ccc15357985429cd16728a6522f8c7d3c06a7ea7bd83

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XZPtjRUnWz8ZSk5DJnhLyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XZPtjRUnWz8ZSk5DJnhLyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:03:56 GMT
expires: Fri, 17 Nov 2023 21:03:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F9DE 0
0 73ms
72ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311130101&jk=1628061074186824&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame BCE9 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:24:52 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5372 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswUbHl2_eM8inUzN9kbxyAyoWyHAIYCDJavaJ3Qt7Et0P5D_aD1eMbPJ9Z0OZS7vT0tQtuJAaKwf9q2kbnQ5-4BHgHaSerIwk5PL-F3tVeSiQl8ciJfpucKTjkb6K5RwKBVVOsseH7mMQz&sai=AMfl-YTVb6Ywks5XfW87TTUHt9koSkK_-Wu9QWU0e0LdTKM4tyjdAsef7vz0m1rH95L3P6gXfnd7JtmuMCRNrmjR4JJpbKh8yc0UbtSOP2LXVJFc9s62QEcIrKv9rtgvcHMLB8FFvBDlnQ&sig=Cg0ArKJSzODtl-G6SnaEEAE&cid=CAQSOwDICaaNlgTI2xS0d556OoIP1qgsnDKotuzH5Sw5A4dB14H8Py1HsRElFVpA-9namtrggy1SDuOZ7mvbGAE&id=lidar2&mcvt=1000&p=86,315,336,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3987075887&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700255034850&rpt=820&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 21CE 0
0 76ms
76ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3143800575038114&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 5148 39 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:24:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BCE9 0
12 B 39ms
38ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?e0H4qw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5148 0
12 B 39ms
38ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NMOQJA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 30F9 3 KB
2 KB 282ms
43ms Script
text/javascript 52.222.214.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=bnzq4wb_tcvdzeq_1u4bsv1h&w=160&h=600&c=tradedesk01cont1&js=pmw1&base=te-clr1-36c313b4-481e-4734-96c2-62e72120e447&sid=0

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=bnzq4wb_tcvdzeq_1u4bsv1h&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-37.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

542d79cf6276d12b2fed3e456b565597c2d8c7deec07226ae9a9b4d73ae56412

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
age: 43890
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1175
x-xss-protection: 1; mode=block
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: y6BnmVccq37DuTOYB_wf8w_dY3f5zetR9uGUi76ARjaMafk6xuTFAw==
expires: Fri, 17 Nov 2023 09:52:27 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 30F9 43 B
978 B 375ms
136ms Image
image/gif 52.222.214.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=bnzq4wb_tcvdzeq_1u4bsv1h&w=160&h=600&c=1952

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-37.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
via: 1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=3600
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: CqZD1KJxU20KbxY9Sym7xBmsmcqs1P42mKfNGThSePe83CqVv6U_zA==
expires: Fri, 17 Nov 2023 22:03:57 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9C20 42 B
64 B 83ms
82ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv988LO0v-BOPZYH2kbmsmsGs8S-mCa-Yygo4JWcm1EkQOySAU63aIWGC6qlqT_qWZxcVyEzxLEZTC1ncpFyRMY39X4a39CdRBTDRQQqB-x8_L-JP345YLm6kEPrzIsH5-0V4NLJDMcZ9yZZgvYjQ20MXnk-GiU0OYSX4AC3WtsKDjXzs4oaE4ce4IsaNmFQhasBeQS1yY7vK2Xt4j2Yd9lFxI1N_mYD8YkAa8MZuKEidLaeNIm7wN76PlX1GvbHp69nJa1MJ-vtY8z-T8zlb0iFbQONb9kOMQ4GJixhCABGy0nx94I1ppSgB9tkRDpavLlM0jHguHe8zi3zX3d_yfDl--0P8WO90YH6_VUeFpYHfkxSyomNsm6xPxonXFuOP1iv4etw3irkytQ5N6eb33uRjHo5wg742z2C_U3wub1b6KwYMPSiZH_Wx0sAomd3V0WtyT4RHSMOKdWehuaDoO6Rfe8oB22ysbOcFW4hd0o-CJNQAcOCRtrPTto1fmG5yGx2KZM7sxaj1TFbcCG3DRUK_MtR7GRsUgleK91pkBlLNnIvOdOZgfDDZCmOFOVfpfi7PK_zPN6dD7zrVVwP0BY75-BV622eeHW7Iexrz9AKLUeVOwtBxskzUmGzVMbfdgIsyVHKqXq1VANAvt2q1y3Cf1dwqGx6OHmnP6LZvcCYJL_4WbNWA8_Eh6u9goGdwPZH5KXaC3VwdmRfsH5XSUXjVHXLBbMW4BeAkOmSUhK5fgo2yIWiX-luWo-Tdq1nYQ2Xsa3br0LCuM7bSGsak0-JRouJKDn0fQfSyjPLZBc89Ur_u4oufiuhKv5f28l2Ozb7ZEVWXcmBHuF2FOFEukEo4Z76kXVnPZ_QbyrqYyR0oAHp238xuvDTP0WWeycPhYrnvqThEoP_Jvnf_aaEUB_hOcUL_HF09VzkbdpQNJ_PtpC4z3xzCbwBc26ndAg8VxyyFBhF2E-GdRhI4urz_pFwSqIresQPZjNQEjexzEqdOMgwi2yMvpRc13heOTyDeU5FGJCm7tLFHlnGNSjQYfwDH1rKQ-UjnTncABHsUkkMl1qQFk2AiMv3yAQ9GVNe_gJV6lPYhHLYRnRjVdMKQoGqnAcF8BM34ePpRgebimJ8l3WCgLYFAibKfrKw520owbsQlTnpP2DhYm48Iz7muBameHFWAmV7Jk9eFEBVrJwVeP83fnkYrWhA3ykRIFkpmQOxDTRY2dkMiQ90tutfmiXUqlOWvhf3VRKp7TK_MZc-ZzG8dNkb0USKB4vPoqi54GRtYRTkg_Y8j-1iMLG3cqUTQkRDYgvwxDvoXfiU1JbKf6pQtDnAg5zmtg6UMLESv87F_tzwEW6uX4zGJHd0TLsfvlm3hzaCbh6iIgeZdfCoB4UT-Pl72g3k2snvCrMZ1whDAvcbCyr-noJLzUIK8r6gv9IIMuyxFX2mjTBOw&sai=AMfl-YSwmpHM38zRNPiUVNYe-LVcJDRlrTXvQaHySX5P4E2Gm9K9uAUpGf6Y0WfzpD3xbdB2IBl18TfqF4ckwDQZnub7VbRrB_vnIFVzlf-gMrKZtjb6WSSDAdPbKP0zSwOttpvn_ClFfYiaMQVyQgaNM3CkLnE&sig=Cg0ArKJSzAv8k1niw74OEAE&cid=CAQSOwDICaaNlgTI2xS0d556OoIP1qgsnDKotuzH5Sw5A4dB14H8Py1HsRElFVpA-9namtrggy1SDuOZ7mvbGAE&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1160&tls=2160&g=100&h=100&tt=2160&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 53F7 0
0 76ms
74ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311130101&jk=1628061074186824&bg=!QEOlQwzNAAZxrfrxUa07ADQBe5WfOAvHMqbp-NMf1h86WWVWsO55uyH6SUha2HVwR39pqfRm5EGA1V-MpMNolRWVXK_vAgAAAHVSAAAADGgBB5kC2Dxi2lSSOL1XuH_SxLfdtPGpStQm_SY15TRMTqYphuFEHQ_t7-z0Bfq0JsBOKdTmx-j5Td4CML1LVzssANcZLgjfexz-MPuBlJTL7EObnubqwnjCMghMc-SxXN68cZDjfn637y4UKCRFm8Z9P8ZhH9590EzFjSxXe-iMsF-5qSNdk30h7o9Gt8lR-P3U32gyNpUSJjJDDMTIUCWAnjv1Hu5AUX0H2gXMRv-4Aul5r0EzCZRl5E988uv2xLGgsn6l0BkJa-Or0J1QNL1SUGYDEI3f_Zeacveze-WCER_Gl6ryRDsR_p9xhP-Tkz400VQ5L8-qpoWk-hej0MY74rWg6oQQ3FODx7Zg85NW1-iMoy1nJpfHjfMhsJ9ss8hG_jVJHAo03Zl4KAkT9SjCcqNM7AtEP0Rxvc2UTaU398QFB9PGOGyg87u8YYjLvW4DS3v_ibrMhLq4b-z0I3_sUbjEak9X4ZMJ4aIIVg1uha1XquGWi4E5QunL-wX_C-m9rtc2vZG4-scqAyRSZxVrnUIKf15Jx9YNFLCdI8lzCjI3Teq_diskG2eGTlznnA19dbvK95jZLmzf72RUeDaUwN7ui3ZDjqWmvL-CSTjAauDGhAHng59bdJWbYSlVQG8Pi9AblqUzuxOMDdCzzYyqRwEelZBjGnYmHJLsfO4PNK5H_0c0ZZUS-5hBtLeE88vVLlE5mrAl2D0JWc1TO3qVIPnsBS_y6kuJOuR0eh7Ah0l6GB9LZA5VJha334meTGjKj4GywZoqcee58OOwYK1tnSxJfyNF6efggZ7SEKAyzMEp51Tv2k8ZvVr5WV3oriZUvvoXZuRmgeWUHHDQBU6ztZ7j6eQekfPS1ScL1bicsFYxJ2p3D6wRrwLdrQyaYrxH2DyM9huW_vtoDCUx-Wr9nTdQXtRyj0-KUC2657_EA3-EGEtf3mwGGFBe7RNwySwUVsndwa5eOoIq7-V6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tecmundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 get Show response
choices.trustarc.com/ Frame 30F9 20 KB
6 KB 41ms
41ms Script
text/javascript 52.222.214.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/get?name=pmw2.js
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=bnzq4wb_tcvdzeq_1u4bsv1h&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-37.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0affa837a4669f475d1195dba5f0e3f054035f22e4c560992b71d0f298cedb89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:18:26 GMT
content-encoding: gzip
via: 1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 974731
x-cache: Hit from cloudfront
pragma: public
last-modified: Mon, 6 Nov 2023 03:03:44 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: XhC8W4U8l0V4wQWKAXxpS_a0Q-RY0hFhTmERW9yiev95HWL-AmH3dw==
expires: Wed, 06 Dec 2023 14:18:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 185ms
185ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3143800575038114&bg=!uLulu_TNAAZxrfrxUa07ADQBe5WfOHC9RzV4gvMddL99Ko8r3kiODpkb3K-jKK32epSaSOdtgD69TulUl9dLrVaDgOGjAgAAAHZSAAAAAmgBBwoANhZw4oNRv06drhFXr0s2J8yFoj63haizCvqc-cPbmXibB7Np0QGIIrv114-u0ZR2vooHlrkkepkCt2gDLdkV3YY_-3YLmMy7W_KsVgjkWSalzNrjBvLBFRJksPMX8hJeVvS6uIE_9EGcD88TMxLNPbEL6AdG7v4xQub05an9tfu1oryxbSFCustddHb_uIVTMUZz_PA1j8w_xxc671Eshy7tU682kVLpN98nLjcjRbAyHVHYV5no9HRf02lMREY1EbKlAleBIfQmz-Wu9LptJEzZSeVokSxAkTupnTgLsmdoAUlGZfmt7VBi3xOLxlrp9MNF89YWrA9CFTMEZyff92qy2guTRpBNCO5wvI5dt44VK5bxKDF0yOwQudoHxOJyma1pTizcuv5g925MhsdFBNP_w5YCfnXx1qBIx8Vh0EtQqwl_q2ddinyKMA9N2hg251a-_MFTGyf_DJZdpIfHUY7h4TlxFRTersyRBo6Ym1cYOcROAXmrn37g-kHrkmeUbmtwkHYWuIbVKj21E_veoW5V7D4Zqy30cL8CrfdJGIo6jFASG9LzTJ8t9Be0MB20Lsx2E8cS-f2MqIXYoxUCLWKACAt-dETq2zSiZUEjA_eH0UGC_55DVQne3lyoSH5UIze30CDmaopPb6XeeMWEK0ARz9xoil_fa29H5JLZlCR-fe0kywrS-c_jtnJK2cWpRVctCmISZTLwz0Y4rsdslF7Bq-VLs2sLzncpCP_2NhCG7jRFbt8nQKLaTAXjMFkaEOQqqcSlWYnhAdMeLaogFYyRCc-aYx1Xy5_FNc-4ggNPQ1qkqkliyvGN22J7Xad7j5BjzirucoF8QXrrkTG2dYnMv1koLrI1akLh4X-jBmqzotugetGEz0_By6hThO9K3m7Fu7Jba4ptmVVlnvpzYawzQF_J8efpvR7INB65aeZ7UkzoZectjJDUZFV7GTrRX1yKQw-wt7yhxzMcTB4YqBRX8OPH1kRaOMG--l-jwnum
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
298 B 1232ms
1232ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.baixaki.com.br
Date: Fri, 17 Nov 2023 21:04:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDJP529EVF&gtm=45je3b81v874209990&_p=1700255032312&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=29021821.1700255033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1700255032&sct=1&seg=0&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&_s=2&tfd=10476
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:03:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baixaki.com.br/	1970-01-21 01:53:35	Name: _ga Value: GA1.3.29021821.1700255033
.baixaki.com.br/	1970-01-20 16:19:01	Name: _gid Value: GA1.3.1244210414.1700255033
.baixaki.com.br/	1970-01-20 16:17:35	Name: _gat_UA-144680-1 Value: 1
www.clarity.ms/	1970-01-21 01:03:11	Name: CLID Value: 11afaaed88dd40848a1acc828a486b31.20231117.20241116
.baixaki.com.br/	1970-01-21 01:03:11	Name: _clck Value: 11o6ubo%7C2%7Cfgs%7C0%7C1416
.baixaki.com.br/	1970-01-20 16:19:01	Name: _clsk Value: 5vrfwl%7C1700255033526%7C1%7C1%7Cu.clarity.ms%2Fcollect
.navdmp.com/	1970-01-21 01:03:31	Name: ac3 Value: 1
.navdmp.com/	1970-01-21 01:53:35	Name: nid Value: 13a8149adeb4da9d2330e7f6aa10\|0\|347
.baixaki.com.br/	1970-01-21 01:03:11	Name: nav13767 Value: 13a8149adee100bd6a2c30690610_322
.adsrvr.org/	1970-01-21 01:04:37	Name: TDID Value: 47779dd9-133b-4c32-807b-14a63b677b45
.adsrvr.org/	1970-01-21 01:04:37	Name: TDCPM Value: CAEYBTgBQgQiAggB
.goadopt.io/	1970-01-20 17:43:59	Name: VisitorId Value: ca048ff1-6908-443d-8172-d76e6f45a65f
.baixaki.com.br/	1970-01-20 17:43:59	Name: AdoptVisitorId Value: MYQwDALAHAZjCMBaAbATjFREIGYAmiU8A7AEyJ7HICmyMEArCMgzEA==
.baixaki.com.br/	1970-01-21 01:39:11	Name: __gads Value: ID=5e8f29e7247e2b8b:T=1700255034:RT=1700255034:S=ALNI_MZQRkMX0XuJcGyw7-b2wP7GjWDlhA
.baixaki.com.br/	1970-01-21 01:39:11	Name: __gpi Value: UID=00000ccb70241ea8:T=1700255034:RT=1700255034:S=ALNI_MZipBmpOz1xvykKkE3xKmU5PF2hCA
.doubleclick.net/	1970-01-20 16:17:38	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 20:36:47	Name: APC Value: AfxxVi7si6EW_tsse09vRO2q_TspHRKyAOv-GANBWrrUHTqhQIZKnw
.doubleclick.net/	1970-01-21 01:39:11	Name: IDE Value: AHWqTUm277e983w_xl4APpRqPKrTCnpSjrADiDSDUzssZ7id7vmZgNH3GNBm8UYgts4
.adfarm1.adition.com/	1970-01-20 18:27:11	Name: UserID1 Value: 7302539770192328864
.simpli.fi/	1970-01-21 01:04:37	Name: suid Value: 34EC05656B0D485CBCF49A4ACF2D99CF
.googleadservices.com/	1970-01-20 18:27:11	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 01:03:11	Name: CMID Value: ZVfVO3IFLNabKqLTmo5JVwAA
.casalemedia.com/	1970-01-20 18:27:11	Name: CMPS Value: 1142
.casalemedia.com/	1970-01-20 18:27:11	Name: CMPRO Value: 1142
.baixaki.com.br/	1970-01-21 01:53:35	Name: _ga_KDJP529EVF Value: GS1.1.1700255032.1.0.1700255035.57.0.0
.3lift.com/	1970-01-20 18:27:11	Name: tluid Value: 1919024641854500573478
.quantserve.com/	1970-01-20 18:27:11	Name: d Value: EAsBCQG5KoEA
.quantserve.com/	1970-01-21 01:47:49	Name: mc Value: 6557d53b-b4ee4-ba5bd-e18c6
.ctnsnet.com/	1970-01-21 01:03:11	Name: cid_311071c1ab8b4e06b2aa6233dc069ae3 Value: 1
.ctnsnet.com/	1970-01-21 01:03:11	Name: gid_CAESEP5O9x_bZx4nLa-awoFW4kU Value: 1
.lijit.com/	1970-01-21 01:03:11	Name: ljt_reader Value: HrFvrGZHIS-_ASPXQaWYzBNn
.adnxs.com/	1970-01-20 18:27:11	Name: uuid2 Value: 9084297190608224833
.csync.loopme.me/	1970-01-20 18:30:03	Name: viewer_token Value: 12a94e97-1723-47dc-864d-34bf47b6d412
.turn.com/	1970-01-20 20:36:47	Name: uid Value: 4519538800962499597
.travelaudience.com/	1970-01-21 01:47:49	Name: _tracker Value: %7B%22UUID%22%3A%22573695F3-E854-4901-157A-F7B8226738F8%22%7D
.w55c.net/	1970-01-21 01:47:49	Name: wfivefivec Value: 15hGNf2e1R460k5
.tribalfusion.com/	1970-01-20 18:27:11	Name: ANON_ID Value: avnvQwtMPmFUTgUpyWVotCZccLq92iBgt5anZb3kVBr63bUkcEXtytBFRKQtZckxqL3xRIsQful2CsF9iYUdh7Aat7iexEHif6PmBRgFo5XfnP1wPDD
.w55c.net/	1970-01-20 17:00:47	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-21 01:03:32	Name: A3 Value: d=AQABBDzVV2UCEMIlCi1URMoykqX-rKo47qYFEgEBAQEmWWVhZQAAAAAA_eMAAA&S=AQAAApG2YoTlX3CnIsFbjkbpih0
.bing.com/	1970-01-21 01:39:11	Name: MUID Value: 3D09EC861E7C62923095FF4A1FF763C9
.c.bing.com/	1970-01-20 16:27:39	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:39:11	Name: SRM_B Value: 3D09EC861E7C62923095FF4A1FF763C9
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:39:11	Name: MUID Value: 3D09EC861E7C62923095FF4A1FF763C9
.c.clarity.ms/	1970-01-20 16:27:39	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:17:35	Name: ANONCHK Value: 0
.awin1.com/	1970-01-20 16:20:27	Name: awpv14702 Value: 412871\|1700255036\|d2782970-858c-11ee-84cc-223908f3a6a6
.awin1.com/	1970-01-20 16:20:27	Name: awpv20044 Value: 412871\|1700255036\|d278ecc0-858c-11ee-92fe-22394270969d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.o2online.de/	1970-01-20 16:27:39	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTcwMDI1NTAzN3ZsZWExZGUyMDIzMTExNzIyMDM1NjkwNjE4MTMxNTIzWDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/	1970-01-20 16:27:39	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 16:27:39	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023111722035690618131523X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTcwMDI1NTAzN3ZsZWExZGUyMDIzMTExNzIyMDM1NjkwNjE4MTMxNTIzWDEyMDIxMVYxMjI2MTMyNzAyT

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.baixaki.com.br/ Message: <link rel=preload> has an invalid `href` value
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

03d3ae083f85d458ce961e95fcab76f0.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
bk.ibxk.com.br
c.bing.com
c.clarity.ms
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.navdmp.com
cdn.pn.vg
cdnjs.cloudflare.com
ce58c0eba03088006138e9d88694073b.safeframe.googlesyndication.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
csync.loopme.me
de2-bid.adsrvr.org
dis.criteo.com
disclaimer-api.goadopt.io
dsp.adfarm1.adition.com
dt.adsafeprotected.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
image6.pubmatic.com
imageproxy.eu.criteo.net
insight.adsrvr.org
match.360yield.com
match.adsrvr.org
onetag-sys.com
osp-assets.pn.vg
p.smrk.io
pagead2.googlesyndication.com
partner.o2online.de
ping.chartbeat.net
pixel.adsafeprotected.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync.teads.tv
tag.goadopt.io
tag.navdmp.com
tpc.googlesyndication.com
u.clarity.ms
um.simpli.fi
usr.navdmp.com
www.awin1.com
www.baixaki.com.br
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.tecmundo.com.br
www.telefonica-partner.de
104.18.36.155
108.156.60.116
13.95.152.229
142.250.185.194
142.250.186.38
167.233.13.224
172.217.16.194
178.250.1.6
178.250.1.9
179.191.182.65
18.245.60.107
185.89.210.180
198.47.127.19
2001:4860:4802:32::36
216.52.2.16
216.58.206.34
217.182.178.229
23.212.218.19
23.35.233.56
2600:1901:0:76b9::
2600:1f18:1aca:4280:944a:86a4:e0e8:d17f
2600:9000:20ab:c800:8:48e:53c0:93a1
2600:9000:2646:ba00:18:1fcd:353:c61
2606:4700:20::681a:71b
2606:4700:20::681a:ab
2606:4700:20::681a:ad1
2606:4700:20::ac43:4606
2606:4700:20::ac43:4637
2606:4700:20::ac43:4a81
2606:4700::6810:ff3
2606:4700::6811:180e
2606:4700::6812:18ad
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2008
2a00:1450:400c:c06::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::c
2a05:d018:d29:3602:8101:fe84:3355:65
3.232.12.98
3.33.153.203
3.33.220.150
34.91.62.186
35.186.193.173
35.190.0.66
35.214.145.42
4.227.249.197
46.228.164.11
51.89.9.254
52.222.214.37
52.29.179.202
52.51.13.119
52.51.176.114
54.154.243.27
68.219.88.97
76.223.111.18
84.200.5.215
85.114.159.118
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02bbeda80ceeb8921f45a12d547bcd54e39948b71c7f172a4f0c825cdc6844db
03919954da12591580ca4581b1b98f543cee4e506465b89deb63946e28d8cb70
0502b7b2c046294fdbade142db68d233519c0c04fc411ba8a87fb1487cf10f42
053dc0b1a4cf06c65e6447715a0848e39197b11039e6d98246df3d25ff5f5e68
0602336e0a9d0caf9876031607786b5ebf33f3031722078fef6129a6110423e6
06d192d9224c1e41a76a3c27e4802144f9d3387a23433071f543fc71ad31fe8d
075b12936f70f404d2bcc23fc1f3d77efad6e67c3d4815c236b00bab783afd3a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08f4884d596d34f7dfb66890d264bae886bff5d2407a7c4dc179300cd3ca19bc
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0affa837a4669f475d1195dba5f0e3f054035f22e4c560992b71d0f298cedb89
0b5aa49b400f84b30a5cfb6ba1905f95c719db126e51bf83424b17c5b30eaf4a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb194863449e6a5bb8ae1b272c78d5f8b7919939cd3185e511467c4d91f8ea5
0bfb236958004c41e07dd8e1a6599c092ca25e5ca557ffdc9d96e6c06bdd5bf9
0c0a611d2bbbd001ec4e91d5a3d58dcb55c832fbb43dabf5af0f27592dc4b5d5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c659c2351251346d80951411cf3e8704b382d17b990f900212543f96faaa44d
0ce49ae1438bdd8ea031fd6de91baa573702699ec256bfce49616584df92c697
0d199267e69e6bfa9bdbeb33ceadd2e54f323160457e09c7b0ccadc02645da59
0e3124c571d42b81a3f179b9d9ebac0adeb9b8ed0034fd8b3d027d223c8642f3
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
111f449d476512956db10a51964d47ee4a3f6bbf24a76baa3e4f922a6c0c71f7
13f6f85860befcef4c9588120dc7d2027b7542a11469dbc17cc800681faad4e5
14a236777af102b71783f9eb9b9e2391130abfd04c87d28ddd773b18b1d8e474
157b0c2526e0f70d90786061cdc99fe46708e08e02740a4fcf996474c3a45954
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
175b616d38847e1451a8d93d960619befe774aefeffe27de39ac918fc6981d39
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18810cc7f62acf01765366af6b41e3890fd2ea526b7a35ce622873468d0f39ca
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a6e351a889e733a8a4ac938e64858fd7b507375550819f4fde00a669baa3700
1a9d433f331ed59372cb1405afa5d8344ceab9981ad2974ac26a706e05eaac1f
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b4ab8263744686e9216e11aa5806f58c663f897c2664f81b8ece30ff9b02fe9
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d8198ecb56a757c0e632f50685fc63d575c4a6409685798652989a46f055c1b
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
20dc2a6a39f55cfab55e8a9b3fee0cc77748ee2ddea57d7ff99bbc8c0ac84a2a
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
25f2aa9d475ce40e3821665c081c30da7e85ae4cb4344e1e0b26bbaaf44a0337
26b6fe56ad4e8d293ef0f3f3aecdcbd57befae8b08812e9c98b64c0bb3edbeb1
26c13a1ba297b8f50ee03191bf446c00d28d0ba9dbcc142d22427494fe145b2e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5f19c67123e61b2ac783929a1cfafc470f248b5a240864d1449243bd73dc34
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3038c3fbf860a0c460ee0ad00e3f7f85c16403322972e5d8107ca72ff4607659
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ee5e0ba52b2ce991a31f65af2951dd58e2af5be11a5239da91d30d6d44c9e6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33efa183f212a940c132bab3a53c88b3adbf0044933a9b4a9a14cbd1c5b86e4b
33f486e56fab9f192e939e515f7a3647007ddcad9b17abb6146092184e4f76c8
345993263cf359a9b3e2ddb2e1ddfa55a06629200fda265ba06bae4eafa0fc15
35b40f04792c8406a4d2fcd12d426b98f89677c8deff50d4ca847241c5d76df7
36bbf4b3490c908ed266fa0da7fb15eb18e7278509c9bf4f9d8f958d7ce204a7
37b84d35fd0bc35585312a9269873024faf7fe4c6d28cf3ee30f42b3460c7af8
37f795d306181a38b0c682b41420f0e461d6d20a4c82f6d3b9208beabca7b8dd
383c0ebf36d7f49984d2e8e5772c7c987126b636e7f888010d1cac9d8c4d07cf
38a4b51e06f91f45209a163c77f9197fda01b1447b6ab6791518d73a15a5f32a
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3ad45ebf3c0ff695b7d6b90a8daf2a565af7783ac1f389351b7a24801359376f
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c53ad775bdb28fce9a0385cc600f8952d2054ef431b58a2be38faf7a9a32d78
3c9a00c2cd0e54ba2ea5898897ab0a23d1549653889faee464b1da81e70d853f
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3df76df6d33f812fe85a347aea816253a11bf2147eeb6460aaa2b261f90f5801
412009cef52e74ec92076bd93b8ce700d99f89ab14d07922f7f82c02542130a8
41512f475fbebdd88ac4631b7c88f1af0e2fd015e190dabed7e60d4c3ebb5e62
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42413772d3607ab5aa44b4b1eeaee98e932f9251724ddaecaf38d00809f9710d
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
434e426804c71ff13f6aca4add1394784d700881d77fb767bddeea97eaa88aea
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
443546b93e8143c9c77865a9d96fc92e48c36b60ac2f0ed43d380500146a15fa
443e354b86f086967e160ed266eff20cea7a1e0dce02fb789c48695a8c5da6e0
44f2351708b9074768a82aed3494b416aaf64101d9a5874901f6e337a7e81b9e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476bd3b28e3d3cc9c9ded6aa948a1e4ae7bf29eb5fb81c981857181b00f9d80c
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
481ac16a35740a6159c1b357029f5eada79ae03070c87d2fc232c4103612e525
483029fbbed00780659263fea22a08ff4b65193d2679fdf509c96aac743a3c15
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a251f9a6c32852117bf2a73abe92c9f2b38a62880b5da60ae500c99fc0da7f4
4c6b41fa6d7b12bbb62f08baa66a1da5c3e23f4de9a364b45e20c34a05b13cfb
4d23f3bae0ca00448172087bf2190cb832b476b82e741c5dd97a27c6374a4514
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec7bc84f7402eb4e7d330eea4a51282c0597775942acd4599ae304ced91d5f0
4ed9decb578b34e37091a7e9765db5b4295289d52f3bf92e03ef5f645c14c688
4fdf07e9109a2da0b506a51be1a5b3e64cb1e9d674a847f51f6fe6a1f1cad7a1
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51f7a0ace00540bdded49777aaf91ed45f3eacf54afb9be0eb4aaf9fbf04abb3
530f5020b0cd16a7d4c7c845661068d7ad05977ae63614c70600746c12f9edf4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
542d79cf6276d12b2fed3e456b565597c2d8c7deec07226ae9a9b4d73ae56412
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5504382459f6ba7ed50a72936ea40ea4168323251c8315e633ec6dd1bbecb950
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
586d2dba6e67d319084eecffbb7f4190c29fdc494e1022271bf182b53522bf25
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c4d8c1d71cb3f06e376df4cb71bdcd950b29f9f84f7a6a7a278c220a480ccd4
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5d7a54081588dc8b006952403d7d06a227c6b40c04cd613adb5d71b39a4333b5
5e1f9788804e56603b28fd1c5f6d7921742d055c9d6410e70cc968ae26869b5c
5e227a59c2f841620003ec278d8476c48e8581babf017a144ba308c0f907e33e
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60af737c59104af32ed30ce00483c81beaa95b9488f886d09994b2d88e22f760
60b86d90ec1c3a36c99acdf40bbd3f7a65c2092dc9723c398ce71053d1e12c20
612e1798abdd89f6ebd02453e5f80f5bcee4583b21214c5f56470cc2a1fdabb1
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6221253ad9714c013d8ad0fe4630839bac19c58e88ea423d4cf2a1b9e0f79aac
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62ca6c183dde8b61ababbd2dbbed0d55eb0b56aff88f119475b4b00a4e6a3aaa
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
62f897bda9d7fcb2ae075c06066783cbc80549bd8cc2e40a33e2340c1260e895
66901c355d0ccf2c8e68df75f7223aeb5ba60f191b93bd2932b7cda5b07ac6eb
681af2e622c8759c97e9b12caf6b31e16a6849dce4e1567ae7be4a3c1e5e2f33
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
68d5ca5aa304636bbd4445292c0ce7b26a8d39d838d2fb90d2ff0edffffc51ab
6a61e2152bb0f50b52ed1d49a51f9095edcb2c8a11bc0ba5bc73516a0f3d0612
6afc65cd1dbf5d6450360c53dde94ae10d31b8c1dbd630a94f01e461c52b1320
6d56a1933d59364dd2cf7b8174259c5582186aab79ebaf35e97787ea8fe3965c
708df249df0671baab45d8d393633244062c6519ab7951f86d3d9ac6c56519f2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7505d7e03d267b06f1f1ce1ab2aa2eeb168acbd9994049a24b42d2016e4c2751
75db0d81ecaef7357e8399d89b5274a42f5f2b8827c5141c68a15413c4cd6177
79ed2e084714116ec490bae4fda28bab0a0c793c9f76bd3ca7261b69ffd27899
7bbdebd71802d0a76f769b796eb813bb4415de65529ab84c12504ce1a853ca17
7d7521cf77aba41609cc4611f0fa174b979318499beae8eb39d58f380f6bec87
7da02314194d2b2f532edce64f3207c22f4172847062cf406c20c700789ee898
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7fb1a63c6cd7a363756f32358ecc30887694ad5bd04c16e1bf7a7b843a824f5d
7fede4ff92e45ef66034faea41d8c0bb3ec52e19a425481420a6914fe7a46a8c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e2c54cb06c6ddfac1d6e71767230f4488ac8e722af67c2fcb394bc0bbb6511
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fa7151be61bc8190b134ddbce1fb7cb902869f2864def2da2606e89d4f310f
86edf816bfe04c5e61b78786a15c8182049b2ff2cc656551d3f859cd9c290031
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
87b4f1657d1e30b19ee3b393c4678eeeac781512548b1bf19858c758d313ba53
8a657fe831072589b2cbb415c5f52c937c97927190f63cab58bff2f6b6aadb4a
8a996c3841fa2f801b54280b3f8ed138da44ce666fa015e864e4bf6d0261ddc5
8b691a3a4c86d48555528953745516052a37717cb47328314754ea81077f7aaf
8bd3bd8dbf5050ebd0673bf97ee05b98f6ab2f72fd555e4f63c879817dc809c6
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7b3643b7d5c5a5cc315ae1c4c64351ca66c31884e6703833f17045471eca4d
8e70d960e6d84a8684bf367e63e67f290ae07584cb90757a949fee8aaed3e284
8e9f4df0f7d0bbb8361f39c090fd4438739ab2b83b3aa87a154834a98c63ffff
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
935cf9b64b9d350194cee0bbd201b860d26be30b242411bab2d1fe9fc4be6092
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449
952d99276d33e74adea74a2e7be9610226c8769951cafdb71882a3d7a3ddb7fd
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f10fa8c9eb97a27191baceaa3e35bef6f6556a026527cad91d31c46d6bb980
994468c0f21516dea0796c80a893e2183153db3b7250213844ce14c4c00c0903
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f617beff5554644a1ae88ff8a25eb42f7ea2373315d5f1ff5f11a9ff955932
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b91d7026d148839292a081a301b211557af448b4bc5b4c638c8b8681bed6c2f
9dbad73a13cd0f34233e0d0c731bd075bcc8a66dffb65769abd17a309977b4c1
9f1e2010ffc7b59273c6fa68a929b5317e41caaaa25809ee021f0b11eed7cd43
a00abff46408f55fc957f1f4ad379071c0c0f42c9aadfad18eb927e8c5861f9b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a249cc9879cf7e7cd1f6609c3f3ca9008f60cdcdcfbfaf56e5cdb29de1bfa848
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a30fc105419c6d4e451bf35ce8046b3023ab1a60e17e9f64b5c5edfb6096fc3f
a3e09d1bb70875f7caff071153acb9ed39a65d1bddd906826658895b5fc5f660
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a4aa692f7c38464f7803ed2ce5c80b48c94bfaa369448780cec6a21a8694663e
a5eb836d138f870741033d328c33a3e4bb1fe57026c1b57466c37428e28c3a2b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
aaadcba60ae494e13ec2e8abc57dca8e614e86943782044fb387b7f91d9c3cce
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abc743f91e17e268db5587a9f2b1b0c9afb3a0ca7bd78ddd85d577db926b1f4a
abfb18200969bae5462d682c3a2bd44cb066bb820a70ecc9959a0acc6662452a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afddaa8a919a8a33ced38eeae1ee7bbe21d66458941b560561fe100938148c00
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0533929c94679e1764e59854df5b4c35f25e12f2441858f1387a13c80c13303
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5c5328532f3610f0cca2d3a16d41a87e14e4c85eb3baa9d3a669b618ee7772d
b6e10d37aa93c7523e8563d83e3648ab8a47f03dc54e5b8486232251422522eb
b7786c642ca86768409f9ecc3c7261fa0e9b14279a8a47ccc0f447cbcc4a972b
b841627f57b426c4f559b9afe7f38138d172705417552b9d6c0fb2e2f95d971e
b8fb8c87ad9bb7aa9d223693f8c0d1d3d671f6471cb0fb71c11247653217abfe
ba3c2c7f509173ab6a5052f8f2ce9fed59da307a1e1c3a3e0a29b5e3012b5d70
ba3e6f3c297951fb29ebc8f5e4c88d4267bfc00c94d1e685bdf6a5411ff55463
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bad1945ee4b97bcebce117a1f5288c21db80b06592ad2a160f77c474a31b8f7d
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c034dcb7726bc6dc1070ba55274f31a016321818008ddee3e82887b8d35960e7
c0ef2abbbd1a1057070e79ccf5cc3f569f1f1b621c65c718c030b67de8e5fbab
c2da1931efa197f2ad9f24394351e58109e89affb02a93ebbca87242361c46c9
c48298fce2e446ed5419ccc15357985429cd16728a6522f8c7d3c06a7ea7bd83
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c883a4fb6fe3a0d9103a7e972061e32fb94f1f5eb192b19a77c59fa40f7cfae5
c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16
c9cc59f1a54a6a15d83f64d4e84da2750cd868e7a37b1f2bcea7947d90b1e22a
c9e42d37ab1e9a3c75cbda95a6c685753c3bbccc933e204a6b161c5282b33080
c9eff84f192229df9e7d510b1d8d7111ec0a39287a68ad6391c565110fb3a8ef
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd11611c519a8292e00750c134608f8479e2720d244ebd77e12e6846a1dbfeae
cdd1c789e974fbfc4ca7d8545db65e1149e2154c1aa78398598f2d4fb16ae02c
ce0cab8045845ffbf253a8ad09c2957f114e082a60234b6848dbc9d7d08c9d2b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d03bf52989264bbd0fa6fb8e5a5a77278c8ab1364ae575509a233e56c32e29f2
d25c8dcb24ea7c520453c4345f7eb24d0b20a402aa02d0038f836814aae92c44
d4e474f1050d67e8203653858209ae1a670c9e13a343acfeab863111ccb4b165
d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7
d5285788583749d8febe815a785d8a784d981036519f143547f2863fe56af54b
d6e767d8ab7203cc31cd0e2deb23d30d2e2dbdb4221e645da511661b09de66d1
d846161acc693ba6649977d34722a7bff8c4cc4f87190ab2fb7e1166dce1bfa3
da0793cb6e1ab25dde567767fd2900f0e9cdd161b19acb63104855e3ed22e517
da47052ecc3e262cbc5fe691aa412026136bcb919b243a0869e4aea544732e30
dab6b2a6292dac8130d3d474487435360b7e99e8e3868d2dd1eb5c856dd3401d
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
dbba7a0a828407bde3a0515ca668d1ef40acc6af29aab00fc406e09cca057b8e
de18802894346c57fdea7cf687e7b422d33b6c07ddf0b19a958ffa5a064f0484
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0bad65aed0bb1433c7a0bc1504324712b2f5862a4f9aefaa5586976d4180a3b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e7329ebb006b74d985f1ccf79086b0ad32d2378c7bca32167e17713404e093
e470ce9d3528e853537125739960327ef964b2a5a397080630a12a8a8cd7f573
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5bdb144181525baf125d87f86282c568389d3d43d09db2a94baa210fe290d0e
e5d9b42644509e0035e0fc807ddef46ef15a3da90d12c8ebf93461123384570d
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e62c6c553d19ccd93af3fe6e8cc11be4c2a7317ca9b115bc97a12c9748952db1
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e8d7c3dce7d03aaba0496b97463779b2cb65a94f7ca784d9f79c5d75881f1d0b
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
eabd3e9e62dea0c3e2c7540f976cdf699a5ceb9e1592d41d29288666b804edde
eb26702f8f6453f01431da6b65c2b0e2a9851bd365bd1591ee8fec1e1d30fea9
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed40095cbb8a9422dc1720990f3ac67cd3752f0bf432db9feca0288045849369
ee945c5a50330cdb3ff0d1bcf2ca999ba85cc4fd7729a5f130ab096ef1e43f1d
ef1389d2f247e8e69d438ec635664f4fbf6cb1a3cd7fd8661761d1d41bbc4af6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef69eca203e040c5282878fa6a9641e5244da268537cb4a90b74c62ce716ee1c
efa531d3359b51bcb5daa6ed43ab538f05ded049199ac9e2a639725564d1793c
f0407e146bcebab46829dd76ad972189e6153391f9a2f2e30cff965b303d48a9
f1c8ccf2c6c00fea2c67436e338a08d5aa7c45720ccf8a9d609859879930d189
f1e0fee79d0e7f71cd351a14cc1fa636c96cab2b528b0f063a2f019f33afb0d8
f2edf76fbedd3d7a450d861116529acee04cae81ee0e3b2e8fa44869f91653d3
f3cf185f710fb08ab65510ba64c20ff8d68146350398c41c5bf5144a35a89470
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f5904bd549353572027cc444a4a12473c04717561b0a3bbe70f09bb26331227f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b0588c84deaf8c686a053db33a151517e75b4e19f9f10d227c5c18ed127eb2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6eac28efdab193d3db8ce453d2b8fd15a8b1ecd2b6108f72e9875ce3d2d1f29
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7fe0c432d69abfce18ae5ed5e7cba031998da11bbc7aac438a73f40e5925f1a
f805dd01878296d8d30d229360f2d27db297cc3dc9c66735962843e7786159f7
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fa001b35724882aa2decade92d44cfd39bd90da9018a0b9a984f4e710a8fc40a
fb96efc9b09625e10915122c15338c83e9c5213699b2a5408de6c30957587480
fc5e24bfc2b1d0ea7cf9983b92367e7b56354e70d1dd34f351aecc700d695e38
fcae625a5d2d855b472d4c7d01785da24fb33d6f5d44ba0a2e0ddee093a7c91d
fdb973535d609248e2dc328d9d5c7842ca9dbcefebbe9a5d98f52b68aa502b81
fec83bc9c8c355001a36a720d247a3d23de565dd6adb753f516ad5b42c950a26
ffa92dc331c410155a0c720e5c33d31928aee6769ee9a12b55d7cbf0ec2e2c1d
ffc517e472c722f2c7a333c10c3f7c458d3a53f7cec3746922559efd90166374

www.baixaki.com.br Open in urlscan Pro 179.191.182.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

449 Requests

94 %HTTPS

52 %IPv6

56 Domains

88 Subdomains

65 IPs

8 Countries

5267 kBTransfer

13573 kBSize

52 Cookies

26 Outgoing links

Page URL History

Redirected requests

449 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.baixaki.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Screenshot
Live screenshot

Full Image

449
Requests

94 %
HTTPS

52 %
IPv6

56
Domains

88
Subdomains

65
IPs

8
Countries

5267 kB
Transfer

13573 kB
Size

52
Cookies

449 HTTP transactions
11 data transactions